Healthcare Information Security

Cybersecurity News

Necessary Skills for Healthcare IT Security Professionals

With technology continuing to evolve, healthcare IT security professionals must ensure that their skill set remains comprehensive and able to meet challenges as they arise.

By Bill Kleyman

- So you work in the healthcare IT security world. Have you seen some changes? Are you noticing more users requesting complex applications?

Healthcare IT security skill sets must adapt with changing technology

Maybe you’re starting to deploy more compliance-ready cloud systems. Or, you could be utilizing new digital tools to help deliver powerful healthcare services.

Whichever way you position it, healthcare IT security is changing. Rather, it has already changed.

And with this change comes the evolution of healthcare IT skillsets. Still, none will be more important than the understanding of the healthcare business, where security fits in, and how digitization will impact the entire healthcare organization.

Very recently, IDC described the hiring and general development strategies for IT job roles that consider the roles' current and future importance to the enterprise.

READ MORE: Cybersecurity Attacks Hit 87% of Organizations in 2016

"IT staffing strategies cannot be homogenous,” said Cushing Anderson, vice president, IT Education and Certification. “CIOs and IT managers must develop strategies that appropriately consider both the internal importance of particular roles and the availability of external talent."

Furthermore, IDC recently released a great infographic showing how organizations are “Crossing the IT Security Skills Gap.” The graphic described the growing risks and need for skilled and qualified cyber security experts, with:

  • 75 percent of firms experiencing some type of security event in 2014, and
  • 33 percent impacted by cybercrime
  • 63 percent of organizations are not prepared to respond

Furthermore, there is a very high value that organizations are placing on people with these skills, with salaries and signing bonuses sky-rocketing. And, the key role of training and development in helping organizations to close the gap is critical for skillset evolution.

Finally, the graphic illustrated that certifications matter, and on-going training is critical to ensuring on-going security capability.

Still, when working in IT security and healthcare, there is one more critical skillset to consider: communication. Gartner estimates by 2020, 100 percent of IT roles will require an intermediate level of proficiency in business acumen.

READ MORE: Recent Executive Order to Strengthen Federal Cybersecurity

They go on to state that systematic communication practices will allow CIOs to clearly identify the changes in the business and how they will affect the IT strategy, establish clear roles and contributions on an employee level, and inspire actions and commitments to deliver better business results.

“Developing strong business acumen in IT is a prerequisite to effectively shift IT focus from optimizing IT operational efficiency to driving business effectiveness, value creation and growth,” said Lily Mok, research vice president at Gartner. “At the heart of an effective IT communication strategy is the ability to clearly link the vision, strategy and action plans of IT to the business to drive desired behaviors in the workforce that contribute to improved IT performance and business outcomes.”

With all of this in mind, let’s examine some specific skills that healthcare IT and security professionals should consider:

Become a part of the healthcare business

Join meetings, talk to executives, query doctors and healthcare associates, and learn as much as you can. The best healthcare IT professionals are those who can intimately tell you user experiences, nuances, and where there can be improvements. You don’t need an MBA to do this, but you do need to have the willingness to learn more about your organization. Find out about remote offices, your distributed resources, and how users are interacting with critical healthcare data points. From there, always look for ways to make the process better, more transparent for the user, and more secure.

READ MORE: FDA Has Medical Device Cybersecurity Concerns in Abbott Labs

When it comes to security, go holistic and see the bigger picture

Basically, put the architect hat on and get rid of those blinders. Engineers too often experience tunnel vision; but this can trickle into business and overall IT operations as well. Join other healthcare IT teams to become an outside eye to IT healthcare processes. Not only does this allow you to learn more about your own organization, you might be able to find ways you can create even greater levels of efficiency. Thinking like an architect doesn’t mean you have to hang up your engineering badge. In fact, some of the best healthcare security IT engineers become brilliant analysts and senior security experts. However, this does require a higher level of vision into healthcare operations, and a better understanding of the business.

Management, automation, analytics, and data security are all powerful, emerging healthcare security options

Find blind spots in your IT and healthcare operations and find ways to fill those gaps. For example, a great skill is to understand how various components interact, and then working to find ways to reduce complexity and management fragmentation. Next-generation security tools are built directly into healthcare operational processes. You’re not only creating greater levels of visibility, you’re also enabling the healthcare organization to become more agile in a very competitive market.

Be creative with your solutions and remove IT silos

This becomes a broader recommendation for all healthcare IT professionals. Become involved in the IT conversation, read articles, ask questions, and always try to find ways to better both yourself and your healthcare organization. There are a lot of great tools which are considered to be both digital and security disruptors in terms of how they deal with advanced persistent threats. Machine learning systems help evolve end-point detection and response (EDR) platforms, while advanced cloud security platforms allow for cross-cloud and data center integration. Know when to use these tools and how to integrate them.

There’s no question that there won’t be even more digitization happening within healthcare. Those IT professionals who can help their healthcare organization keep up will become critically valued assets.

Most of all, by learning more parts of the healthcare business, you not only become indispensable, you also help push your healthcare organization and services forward. This creates for greater competitive advantages and a more secure ecosystem.

Dig Deeper:


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...