Helping healthcare combat cyber attackers
Hospitals and other healthcare organizations around the globe are under immense pressure as they test and care for patients with COVID-19. They are also under siege by cyber attackers. This month, Interpol released a warning to hospitals and other medical organizations saying they are seeing increasing targeted ransomware attacks aimed at these entities. While cybersecurity…
It’s Not Healthy to Confuse Compliance with Security
Cyberattackers’ interest in healthcare organizations continues to increase. In 2018, there were 284 breaches reported on the US Department of Health and Human Services (HHS) breach portal and 27 so far in 2019. According to InfoSec Institute, “nearly 95 percent of all medical and health care institutions have been victims of some form of cyberattack.”…
How to reduce the attack surface associated with medical devices
As the number of connected medical devices continues to rise, so does healthcare organizations’ attack surface. “Most medical devices available in the healthcare system today were not built with security in mind and it will take years until they are replaced (if they are at all) with next-generation devices,” says Leon Lerman, CEO and co-founder…
How well are healthcare organizations protecting patient information?
Healthcare organizations have high levels of confidence in their cybersecurity preparedness despite most of them using only basic user authentication methods in the face of an increasing number of patient identity theft and fraud instances in the marketplace, according to LexisNexis Risk Solutions. Key survey findings Specifically, the survey results showed: 58% believe that the…
Prioritizing security efforts is key to data security in the cloud
32% of healthcare organizations store a wide range of sensitive data in the cloud, including healthcare data and personally identifiable information (PII) of customers and employees, according to Netwrix. In addition, the number of those who are ready to adopt cloud-first approach has increased by 31% since 2018, and the number considering becoming 100% cloud-based…
How the healthcare industry can improve online trust
Privacy on the internet is important in all industries, but none more so than the healthcare sector, which handles mass amounts of online health data daily. While any data loss (financial, identification, passwords, etc.) is significant, it can be particularly wrenching to think of one’s personal medical details floating in the cloud, accessible to anyone…
Healthcare executives need to make cybersecurity a business priority
Risks associated with Internet of Things, medical devices, third-party vendors, and program management are top of mind for healthcare executives, according to a CynergisTek’s survey. The survey of approximately 60 C-level healthcare executives revealed the greatest perceived threats and current challenges these organizations are facing in cybersecurity and privacy. The data also pinpointed some of…
Is curiosity killing patient privacy?
The digitization of healthcare is changing the face of fraud. With the growth of electronic health records (EHRs), online patient portals and virtual clinics, a wealth of sensitive medical information is available across multiple digital channels and while hackers and cybercriminals pose a massive risk to this information, it’s not just “outside” fraudsters that are…
Hacking our way into cybersecurity for medical devices
Hospitals are filled with machines connected to the internet. With a combination of both wired and wireless connectivity, knowing and managing which devices are connected has become more complicated and, consequently, the institutions’ attack surface has expanded. When did these devices get smart? A brief timeline shows the FDA didn’t start regulating the connectivity of…
Legacy infrastructures and unmanaged devices top security risks in the healthcare industry
The proliferation of healthcare IoT devices, along with unpartitioned networks, insufficient access controls and the reliance on legacy systems, has exposed a vulnerable attack surface that can be exploited by cybercriminals determined to steal personally identifiable information (PII) and protected health information (PHI), in addition to disrupting healthcare delivery processes. Published in the Vectra 2019…