Healthcare Industry Faces Shortage in Experienced Cybersecurity Experts | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Healthcare Industry Faces Shortage in Experienced Cybersecurity Experts

October 28, 2015
by Heather Landi
| Reprints

Given the increase in cyber attacks against healthcare organizations, cybersecurity is a top priority for many hospitals and health systems, yet there is currently a shortage in experienced cybersecurity professionals, according to a research report from Burning Glass Technologies.

While cybersecurity positions have historically been prevalent among defense contractors and government agencies, there is has been a hiring boom in industries like finance, healthcare and retail, the report says. Burning Glass Technologies is a Boston-based job market analytics provider and the report provides a cybersecurity job market analysis.

The healthcare industry has seen a 121 percent increase in the demand for cybersecurity workers in the past five years, and the authors of the Burning Glass Technologies report credit this increase to the fact that healthcare organizations manage increasing volumes of consumer data. Yet, the healthcare industry is competing with other industries for experienced cybersecurity professionals.

Job postings for cybersecurity positions have grown 91 percent from 2010 to 2014, across all industries. And, due to the gap between demand and supply, cybersecurity professionals can command salaries that are 9 percent higher, on average, than other IT professionals. Cybersecurity jobs took 8 percent longer to fill than IT job postings overall in 2014, the report found.

And, there is a high demand for cybersecurity talent that holds Certified Information Systems Security Professional (CISSP) credentials, and that demand is outstripping supply as well.

 In the U.S., there are 65,362 professionals who hold a CISSP certification, but employers posted nearly 50,000 jobs requesting a CISSP certified cybersecurity professional. That equates to about three or more job postings for every professional who holds a CISSP certificate.

CISSP is the primary credential in cybersecurity work, yet professionals must have at least five years of work experience in the cybersecurity industry before even applying for it, so this is a gap that will take time to fill, the report authors state.

In addition, within the healthcare industry, there is a rising demand for cybersecurity professionals with skills pertinent to healthcare, such generally accepted accounting principles and financial reporting as well as familiarity with Health Insurance Portability and Accountability Act (HIPAA) compliance and standards and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

According to the report, positions that require both CISSP credentials and familiarity with healthcare skills and knowledge can be very difficult to fill.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Boston Children's Accelerates Data-Driven Approach to Clinical Research

In an effort to bring a more data-driven approach to clinical research, Boston Children’s Hospital has joined the TriNetX global health research network.

Paper Records, Films Most Common Type of Healthcare Data Breach, Study Finds

Despite the high level of hospital adoption of electronic health records and federal incentives to do so, paper and films were the most frequent location of breached data in hospitals, according to a recent study.

AHA Appoints Senior Advisor for Cybersecurity and Risk

The American Hospital Association (AHA) has announced that John Riggi has joined the association as senior advisor for cybersecurity and risk.

Report: Healthcare Accounted for 45% of All Ransomware Attacks in 2017

Healthcare fell victim to more ransomware attacks than any other industry in 2017, according to a new report from global cybersecurity insurance company Beazley.

Study: Use of EHRs Does Not Reduce Administrative Costs

A recent study by Duke University and Harvard Business School researchers found that costs for processing a single bill ranged from $20 for a primary care visit to $215 for an inpatient surgical procedure, or up to 25 percent of revenue.

Kibbe to Step Down as CEO of DirectTrust

David Kibbe, M.D., M.B.A., announced he would step down as president and CEO of DirectTrust at the end of the year.