What's Happening?
At the LeadingAge 2025 conference, industry experts emphasized the growing cybersecurity threats facing the senior care sector. Michael Gray, Vice President of IT and Chief Compliance Officer, highlighted
the increased familiarity with ransomware attacks compared to five years ago. The conference discussed the evolving tactics of malicious actors, including prolonged presence in networks and sophisticated social engineering attempts. Multifactor authentication is becoming more phishing-resistant to counter these threats. Gray noted the importance of preparedness, as recovery from cyber events can be lengthy, requiring cross-departmental coordination to maintain operations. Training staff in paper charting was identified as a necessary skill during system downtimes.
Why It's Important?
The senior care industry is particularly vulnerable to cyberattacks due to its reliance on digital systems for patient care and data management. As cyber threats become more sophisticated, the need for robust cybersecurity measures is critical to protect sensitive health information and ensure continuity of care. The emphasis on training and preparedness at LeadingAge 2025 underscores the importance of equipping staff with the knowledge and skills to respond effectively to cyber incidents. Organizations that fail to implement comprehensive cybersecurity strategies risk facing penalties and reputational damage, which can have significant financial and operational consequences.
What's Next?
Senior care organizations are expected to enhance their cybersecurity frameworks, focusing on training staff and implementing advanced security measures. Partnerships with cybersecurity experts may be necessary for smaller organizations lacking dedicated IT security personnel. The industry will likely see increased investment in cybersecurity tools and training programs to mitigate risks. Regulatory bodies may impose stricter compliance requirements to ensure adequate protection of health data. Stakeholders, including healthcare providers and policymakers, will need to collaborate to address the evolving cyber threat landscape and safeguard the industry.
