Over this past weekend, a major distributed denial-of-service (DDoS) attack \u2014 technical speak for a cyberattack \u2014 crippled parts of the internet by targeting Dyn, a provider of domain name services (DNS). In simple terms, a DNS provider routes internet traffic like an air traffic controller. By targeting a DNS provider with a flood of junk requests by a \u201czombie army\u201d of botnets (a standard modus operandi for these types of attacks), major services such as Twitter, Netflix and Spotify were unavailable or were loading slower than normal.\nThe early indications are that the cyber attackers found vulnerabilities in devices connected to these major services \u2014 including smart home appliances, wireless-enabled baby monitors, and the like \u2014 and unleashed botnets using a malware known as Mirai. In other words, the attackers exploited the internet of things (IoT) by identifying and taking advantage of devices with weak security features. The Mirai malware has infected an estimated 500,000 internet-enabled devices.\nWe also learned that at least two vendors of electronic health record systems (EHR), Athena Health and Allscripts, were impacted by the Mirai malware attack.\nWhy healthcare is more vulnerable than other sectors\nI wrote in a recent column here that IT security in healthcare is no longer about healthcare or medical data. Recent data breaches reported by Banner Health and Bon Secours Health System were attributed to breaches at one of their HIPAA business associates (BA). \u00a0Healthcare is a particularly attractive sector for cyber attackers because a) healthcare information systems are not up to date compared to other industries, and b) healthcare data fetches a handsome price in the black market for stolen personal information. This is further corroborated by a recent survey indicating that nearly 90% \u00a0of healthcare lawyers believe that their industry is more vulnerable to cyberattacks than others.\nSo, on the one hand, we have the promise of IoT that can significantly improve healthcare outcomes through remote patient monitoring and connected health programs leveraging \u201csmart\u201d devices. On the other hand, we have the threat of cyberattacks that can cripple an entire system by exploiting vulnerabilities in one tiny corner of the IoT ecosystem.\nWhile technology optimists and vendors continue to make the case (rightly) for improving healthcare quality and lowering the overall costs of care through timely interventions and prevention of hospitalizations using connected devices, health systems (equally correctly) are cautious about exposing their infrastructure and networks to malicious attacks from IoT devices.\nThe mandate for healthcare enterprises\nThe good news is that data breaches and IT security, in general, have become CEO-level issues this year, especially in healthcare (over\u00a0112 million medical records\u00a0breached in 2015, and 2016\u00a0 set to be an\u00a0even bigger year). Consequently, budgets for IT security have gone up significantly. However, instead of simply throwing money at the problem, especially on technology tools, organizations such as Group Health Cooperative (GHC), a Seattle-based health system, are focusing more on process improvement, automated incident response and early containment. GHC is extremely restrictive about exchanging medical information with other technology providers and IoT devices, thereby insulating itself from technology partners with weak security practices. Other tactics include strengthening internal environments through simulation techniques such as penetration tests and advanced analytics for correlations and geo-locational "hot-spotting," which has become relevant recently in light of evidence indicating the involvement of nation-states in sophisticated cyberattacks.\nHealthcare enterprises operate in a rapidly expanding ecosystem of business associates (BA), including medical device manufacturers, known to have weak security features. At the same time, other parts of the system, including cloud services providers such as Amazon Web Services (AWS) and Microsoft Azure arguably have more robust security features in their environments compared to traditional healthcare enterprises.\nThe weakest link in the chain determines the strength of a chain, and healthcare companies need to continually assess their internal environments as well as their relationships with technology providers and other business associates.\nFor their part, federal agencies such as the Food and Drug Administration (FDA) and the Department of Health and Human Services (HHS) have swung into action to protect healthcare by defining security recommendations for device makers and guidelines for cloud service providers \u2014 a sort of \u201cbuilding code\u201d update for IT infrastructure in healthcare.\nIn the long term, healthcare will need to be able to turn its focus from "firefighting" to "code upgrades" when it comes to securing IT environments.