As human beings, we are programmed with a desire to help others in need, but this is one of the reasons that hackers are so successful in infiltrating our networks.
This week the Black Hat Conference takes place, followed by DefCon (in its 25th year); both cover the security landscape and feature plenty of insights into cyberattacks and ways of preventing them. The keynote at DefCon this year is focused on “Making Security Work for Everyone” and features Alex Stamos the chief security officer for Facebook. Last year I was lucky to be in the room during the Social Engineering Capture the Flag (SECTF) competition at DefCon 24, when the winning participant was on stage.
Each year SECTF participants compete to extract information from a list of target companies over the phone simply by using clever subterfuge and social engineering skills. It was an eye-opening experience to witness the ease with which a complete stranger was able to create a trusting relationship with an employee in the target company and obtain a large amount of information (you can read the details of the competition, targeted companies, and the information contestants were asked to gather online here).
This approach, leveraging social engineering, is not the end game for cyberattacks, but it is increasing in use and even being automated. The use of artificial (or augmented) intelligence (AI) is being explored in many fields, and hacking is no exception. Security companies are using AI to help automate protection, but there is no reason hackers won’t use the same approach to increase the number and sophistication of their attacks.
Security is Everyone’s Responsibility
The intent of the aforementioned competition is to expose risks and educate individuals and employees about them. Investing in education regarding company security fulfills a corporate goal but is a bit like offering health insurance to employees: it gives them value as well. Not only are they better-equipped to protect the corporate assets and information, but they are better positioned to protect their own personal assets and finances.
We don’t hear too much in the news regarding the “Nigerian 419 Scam” – but that’s not because it isn’t impacting people. As this chart shows, the scam resulted in the collection of $12.7 billion in 2013 alone.
We remain under constant attack, with variations of these approaches and other methods like phishing, vishing, and smishing (email-targeted attack, voice-targeted attack, and SMS-targeted attacks, respectively). Security needs to be everyone’s responsibility and has to come from the very top of the organization. It’s the same for any family. In my household, I invest a lot of time explaining these attack vectors and sharing stories of individual and corporate failures and losses that came as a result of poor security. I never miss an opportunity to use examples from all around me to illustrate why security matters and what you can do to achieve it.
The same should be true in any corporate environment: security needs to come from the board and CEO down. It can’t be an edict that applies just to employees while senior leadership is either ignoring or even bypassing the recommendations and training. Companies that have clear security guidelines and equip their employees to deal with potential attacks perform better and have lower risks of being breached.
Incremental Improvements for Employees in Managing Security
The recent WannCry ransomware outbreak that was closely followed by the Petya outbreak that swept around the world and crippled many companies and services offered a window into future potential challenges and raised awareness regarding security. Here are my suggestions for incremental improvements:
Do you have any other suggestions? What small change have you seen that makes a big difference when it comes to improving security in your organization, and in healthcare in general? What one thing could we do that would have a big impact in this area?
Please don’t hesitate to contact me with suggestions.
A new series of educational webcasts for both RACmonitor and ICD10monitor are being launched. The announcement was made by Chuck Buck, Publisher of RACmonitor and
The Centers for Medicare & Medicaid Services (CMS) has released the Inpatient Prospective Payment System (IPPS) Proposed Rule for the 2026 fiscal year (FY). Among
Please log in to your account to comment on this article.
Stop revenue leakage and boost hospital performance by mastering risk adjustment and HCCs. This essential webcast with expert Cheryl Ericson, RN, MS, CCDS, CDIP, will reveal how inaccurate patient acuity documentation leads to lost reimbursements through penalties from poor quality scores. Learn the critical differences between HCCs and traditional CCs/MCCs, adapt your CDI workflows, and ensure accurate payments in Medicare Advantage and value-based care models. Perfect for HIM leaders, coders, and CDI professionals. Don’t miss this chance to protect your hospital’s revenue and reputation!
Struggling with ICD-10-CM coding for diabetes and complications? This expert-led webcast clarifies complex combination codes, documentation gaps, and sequencing rules to reduce denials and ensure compliance. Dr. Angela Comfort will provide actionable strategies to accurately link diabetes to complications, improve provider documentation, and optimize reimbursement—helping coders, CDI specialists, and HIM leaders minimize audit risks and strengthen revenue integrity. Don’t miss this chance to master diabetes coding with real-world case studies, key takeaways, and live Q&A!
Uncover critical guidance. HIM coding expert, Kay Piper, RHIA, CDIP, CCS, provides an interactive review on important information in each of the AHA’s 2025 ICD-10-CM/PCS Quarterly Coding Clinics in easy-to-access on-demand webcasts, available shortly after each official publication.
Uncover critical guidance. Kay Piper provides an interactive review on coding guidelines and more in the AHA’s fourth quarter 2025 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Stay ahead of Medicare Advantage’s 2025-2026 regulatory changes in this critical webcast featuring expert Tiffany Ferguson, LMSW, CMAC, ACM. Learn how new CMS rules limit MA plan denials, protect hospitals from retroactive claim reopenings, and modify Two-Midnight Rule enforcement—plus key insights on omitted SDoH mandates and heightened readmission scrutiny. Discover actionable strategies to safeguard revenue, ensure compliance, and adapt to evolving health equity priorities before the June 2025 deadline. Essential for hospitals, revenue cycle teams, and compliance professionals navigating MA’s shifting landscape.
Struggling with CMS’s 3-Day Payment Window? Join compliance expert Michael G. Calahan, PA, MBA, CCO, to master billing restrictions for pre-admission and inter-facility services. Learn how to avoid audit risks, optimize revenue cycle workflows, and ensure compliance across departments. Critical for C-suite leaders, providers, coders, revenue cycle teams, and compliance teams—this webcast delivers actionable strategies to protect reimbursements and meet federal regulations.
Providers face increasing Medicare audits when using skin substitute grafts, leaving many unprepared for claim denials and financial liabilities. Join veteran healthcare attorney Andrew B. Wachler, Esq., in this essential webcast and master the Medicare audit process, learn best practices for compliant billing and documentation, and mitigate fraud and abuse risks. With actionable insights and a live Q&A session, you’ll gain the tools to defend your practice and ensure compliance in this rapidly evolving landscape.
Dr. Ronald Hirsch dives into the basics of Medicare for clinicians to be successful as utilization review professionals. He’ll break down what Medicare does and doesn’t pay for, what services it provides and how hospitals get paid for providing those services – including both inpatient and outpatient. Learn how claims are prepared and how much patients must pay for their care. By attending our webcast, you will gain a new understanding of these issues and be better equipped to talk to patients, to their medical staff, and to their administrative team.
Copyright © 2025 ICD10monitor. Powered by MedLearn Media.
Prepare for the 2025 CMS IPPS Final Rule with ICD10monitor’s IPPSPalooza! Click HERE to learn more
Get 15% OFF on all educational webcasts at ICD10monitor with code JULYFOURTH24 until July 4, 2024—start learning today!
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
