STOP – LOOK – THINK. The three most powerful words in defending against cyber threats.

Over the past 30 years, cybersecurity awareness and education have increased across all industries, such as government, healthcare, and retail. In 1988 the Association of Computing Machinery’s Washington, D.C. Chapter dubbed November 30th as Computer Security Day, increasing awareness around cybersecurity, especially approaching the holiday season. This was prompted by the discovery of the first computer virus, The Morris Worm.  October was declared Cybersecurity Awareness Month by the Cybersecurity & Infrastructure Security Agency (CISA), dedicating a month for public and private sectors to work together and raise awareness about the importance of cybersecurity. As a healthcare technology professional, did you do anything in recognition of these?

It can seem like a daunting task to tackle, but with just a little thought, preparation, and use of available resources from government agencies, it can be easily accomplished. In this blog, learn how to leverage awareness-driven holidays to bring focus on the critical nature of cybersecurity, and never miss out on this huge opportunity again!

Read More: Top 9 Cybersecurity Tips to keep your Patients’ Data Secure

Driven by ImagineSoftware’s VP of IT and Corporate Security Officer, Anthony Brown, the security team at ImagineSoftware has found the following to be very effective in raising cybersecurity awareness with our team and making cybersecurity a newfound habit:

Posters: As simple as this sounds, the visual reminders in offices/breakrooms/and the like are a great way to keep this on the front of everyone’s mind.

Email Communications: Simple weekly communications with cybersecurity information also serves in helping bring security awareness to the top of our team’s minds.

Gamification of weekly activities: We created weekly games (with meaningful prizes) around cybersecurity tasks or taking additional training or participating in lunch-and-learns.  There is some competitive spirit in all of us and who doesn’t like to win something?

Lunch-and-Learns: With lunch sometimes provided by the company or with employees bringing their own, lunch-and-learns always offer an informative open discussion on cybersecurity topics such as email encryption, data loss prevention, or the current and future state of the cyber terrorist activities plaguing both our business and personal lives.

Phishing Tests: This is an ongoing effort with the team, but we always make sure to include one during October.  Why? 90+% of all ransomware attacks and data breaches were the result of human error – taking the wrong action with a nefarious email.  You must help your team to recognize these and take the correct action, which is NOT clicking the link or opening the attachment and instead alerting your security team. We must practice, practice, practice this – it is your last line of defense, perhaps your only line of defense.

Webinars: ImagineSoftware hosts many webinars for our clients and industry friends, October always includes at least one.  If you missed last month’s, it is still available on our website.  You might consider doing something similar for your providers and/or clients.

Watch the On Demand Webinar:

Thrash Cyber Threats | Intelligently Disrupting Cybersecurity Threats in Your Medical Practice

These various components may seem simple, but when combined with repetition are extremely effective. It is a good way to emphasize the ongoing training and education you are doing throughout the year; it cannot be a one and done endeavor. 

Learn More: ImagineSoftware Continues Commitment to Client Data Protection and Security with Robust Compliance Certifications

If you would like help or to understand what we leverage at ImagineSoftware to do the above, let’s talk. We are only as secure as our weakest link, so let’s all stand strong, link arms, and turn back this wave of digital terrorism.


Anthony Brown

Tony leads the Information Technology and Security Teams to facilitate the success of our clients and the enterprise through technology. His team has responsibility for providing consultative infrastructure support to those clients using our products on-premises, our data centers supporting our hosted clients, and enterprise infrastructure and solutions, in addition to cyber and physical security. He brings 40+ years of deep and varied technology experience, having spent over 30 of those years with some of the largest RCM organizations in the USA leading technology, privacy, security, and operations. He is a Certified Computing Professional and holds degrees from Delta College and Northwood University in Computer Information Management.