Massachusetts: A Hotbed for Healthcare Cybersecurity

October 7, 2019
MassDigitalHealth editors

Man speaking at podium, Governor Charlie Baker speaking at the 2018 Cybesecurity Forum, Digital Health workers talking over laptops

Cyber crime damages will cost the world $6 trillion annually by 2021, and the healthcare sector is the single most expensive industry by over three-fold. The average cost of a single data breach is $3.92 million, and stolen patient health records—which are 50 times more valuable on the black market than financial information—fetch upwards of $60 for just one record.

October is National Cybersecurity Awareness Month and to highlight the issue, Massachusetts is hosting its first-ever statewide Cybersecurity Week. As the marquee event for the Week, the Baker-Polito Administration is convening the state’s third annual Cyber Forum, bringing together the top cybersecurity companies, researchers, and non-profits to discuss critical issues around workforce development and ways to make the state ‘cyber resilient’.

In healthcare, where ransomware attacks are predicted to quintuple by 2021, Massachusetts is also playing a leading role when it comes to cybersecurity. Below are a few examples:

  • The Massachusetts Digital Health Initiative brought together security-focused leaders from the across the Commonwealth to create a Cybersecurity Toolkit for Digital Health. Highlighting the collaborative nature that exists in the Commonwealth’s innovation economy, the kit was assembled by a cyber dream team representing the state’s top companies (Rapid7, PTC, Phillips), research hubs (MIT, MITRE), hospitals (MGH, Brigham & Women’s, Boston Children’s), and government agencies (U.S. Dept. of Homeland Security, MassCyberCenter);
  • Massachusetts has a strong investment environment, including in digital health but also for cybersecurity firms as well. Cybereason, a company with a focus on healthcare clients, raised a $200 million round, “the largest cybersecurity round landed in Greater Boston of all time” according to Crunchbase News. In the coverage of the new round, the company’s co-founder explained why they moved the firm’s global HQ from Israel to Boston: “Looking at the talent, market, access to other companies and customers, makes Boston the best choice possible…”; 
  • In June, security company Pixm won the $40,000 Platinum Award at the MassChallenge Health Tech accelerator’s finale. The startup develops “AI technology that uses visual recognition to detect zero-day phishing attacks.” Co-founder Arun Buduri spoke with the Boston Globe in a piece from this past March.
  • Chelmsford, Mass.-based Biscom, a provider of secure document transfer solutions, was announced as the 2019 MedTech Breakthrough Award Winner for “Best Electronic Health Record Security Solution”;
  • Ryan McKenna, a doctoral student at UMass-Amherst, won the grand prize in NIST’s “2019 Differential Privacy Synthetic Data Challenge,” a hack-a-thon  launched to find ways to “proactively [protect] individual privacy while allowing for public safety data to be used by researchers for positive purposes and outcomes.”
  • In August, Lexington-based healthcare cybersecurity company Imprivata announced a collaboration with Microsoft “aimed at enabling end-to-end healthcare identity and access management (IAM) using Microsoft Azure Active Directory”.

Those are just a sampling of healthcare/cybersecurity announcements in Massachusetts over the last six months – we probably missed a few dozen, at least! If you or your organization is interested in engaging with cybersecurity issues in Massachusetts, the Commonwealth’s MassCyberCenter and Mass Digital Health Initiative sites are good starting points. Check out the page on Massachusetts Cybersecurity Week and take a look at the Center’s event calendar for cybersecurity education and awareness events happening statewide throughout the year.