The Department of Health and Human Services is working on grant programs and other financial programs to help under-resourced healthcare organizations deal with the cybersecurity challenges they're facing, said La Monte Yarborough, CISO and acting deputy CIO at HHS.
The Change Healthcare attack is already providing valuable lessons to healthcare firms - mostly about the importance of resilience, especially when it comes the industry's supply chain and third parties, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency.
Leaders in cybersecurity - and in any other business - need to keep a bank account filled with the trust and respect of their employees and make sure that account stays in the black, said Chase Cunningham, aka the Doctor of Zero Trust. He discussed his new book on how to be a good leader.
The Change Healthcare mega hack has taken nearly 120 of the company's IT products and services offline since Feb. 21, and that cyber disruption is having serious, widespread impact on the entire healthcare industry including major players, said attorney Sara Goldstein of the law firm BakerHostetler.
Your supply chain is your new attack surface, according to Galit Lubetzky Sharon, the co-founder and CEO of Wing Security. She discusses Wing's solution - Secure SaaS Posture Management, or SSPM - that helps organizations ensure that all of their SaaS apps are safe and compliant.
It's not just medical device cybersecurity that's keeping some healthcare security leaders up at night - it's also the risks posed by other critical connected gear that patients and clinicians depend upon, said Ali Youssef, director of medical device and emerging tech security at Henry Ford Health System.
CISO Sam Curry and CMO Red Curry discuss the chaos and disruption of cyberwar and how attacks on critical infrastructure can tactically help attackers in combat, demoralize the general population and affect critical capabilities at just the right point in time.
The Biden administration's strategy for bolstering health sector cybersecurity, which includes newly released voluntary cyber performance goals and plans to update the HIPAA Security Rule, is fueling uncertainty in some organizations, said privacy attorney Iliana Peters of law firm Polsinelli.
In times of conflict, such as the Israel-Hamas war, intelligence becomes even more important than it is in peacetime. Red Curry, chief marketing officer at Tautuk, and his brother, Sam Curry, CISO at Zscaler, discuss the need for a combined intelligence strategy and better resilience in wartime.
Getting the health sector to vastly improve the state of its cybersecurity will take much more than the recent issuance of federal guidance outlining cyber performance goals for entities. It will also require new government incentives and mandates, said Steve Cagle, CEO of consultancy Clearwater.
Security leaders focus on protection and detection, but the new priority is resilience. A resilience strategy should "get the real 'ground truth' of what has happened" in the attack, said Brian Dye, CEO of Corelight, in this episode of "Cybersecurity Insights."
The ubiquity and anonymity of cryptocurrencies are fueling economic, legal and ethical challenges that put healthcare entities in the crosshairs of cybercriminals, said David Hoffman, general counsel of Claxton-Hepburn Medical Center, which recently filed a lawsuit against ransomware gang LockBit.
Extended Detection and Response (XDR) has evolved significantly over the past few years, becoming more critical than ever for organizations in need of enhanced capabilities. But so, too, have the accompanying managed services evolved. Port53 Technologies President Omar Zarabi explains.
Merck & Co.'s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Peter Halprin.
AI, machine learning and large language models are not new, but they are coming to fruition with the mass adoption of generative AI. For cybersecurity professionals, these are "exciting times we live in," said Dan Grosu, CTO and CISO at Information Security Media Group.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.