Getting the health sector to vastly improve the state of its cybersecurity will take much more than the recent issuance of federal guidance outlining cyber performance goals for entities. It will also require new government incentives and mandates, said Steve Cagle, CEO of consultancy Clearwater.
Machine learning systems are vulnerable to cyberattacks that could allow hackers to evade security and prompt data leaks, scientists at the National Institute of Standards and Technology warned. There is "no foolproof defense" against some of these attacks, researchers said.
In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."
As cyberattacks continue to increase in frequency and sophistication, the healthcare industry ranks as the most targeted sector. You don’t have to be a household name to be an attractive target for today’s cybercriminals.
Protecting your healthcare organization is an ongoing process, and it requires careful...
Ransomware attacks on healthcare organizations can be a life-or-death situation. The onset of COVID-19 introduced new risk factors to HDOs, including remote work, new systems to support it, staffing challenges, and elevated patient care requirements. There’s been a great deal of media coverage on the rise of...
As healthcare organizations introduce new technology into their environments, questions often arise as to how and where to allocate resources in order to best reduce cyber risk. This report—a collaboration between KLAS and the American Hospital Association (AHA)—is intended to provide high-level insights into the...
Healthcare Delivery Organizations (HDOs) have valuable health information and need to continuously ensure that technology and information are available to provide essential patient care. Ransomware attackers are sophisticated and opportunistic, understanding that HDOs are lucrative targets because of organizational...
Healthcare entities need to think more strategically about managing risk by implementing a robust cybersecurity framework such as the National Institute of Standards and Technology's CSF, said Bob Bastani, cybersecurity adviser at the Department of Health and Human Services.
The Department of Health and Human Services and the Health Sector Coordinating Council on Wednesday published an updated toolkit that aims to help healthcare entities align security programs with the National Institute of Standards and Technology's Cybersecurity Framework.
Healthcare leaders are increasingly looking to 405(d) Health Industry Cybersecurity Practices (HICP) as their guide to better cyber risk management, thanks to its alignment to the NIST framework and specific practices by organization size. Still, if you're new to 405(d) HICP or just getting started, determining where...
U.S. President Joe Biden signed into law the Quantum Computing Cybersecurity Preparedness Act, designed "to encourage the migration of federal government IT systems to quantum-resistant cryptography" by ensuring they prepare strategies now for implementing forthcoming cryptography standards.
Healthcare providers and their vendors often fear federal regulatory action, but do fines and corrective action make any difference at all? As breach cases have nearly doubled since 2018, federal fines dropped 93% in 2022, and some say the agency is understaffed and crippled by legal challenges.
Achieving Zero Trust compliance can feel like an ever-growing to-do list as regulatory requirements are continuously updated, often difficult to understand, and even harder to implement. If you don’t know where to start, some of the most basic yet difficult challenges can include trying to monitor and measure the...
A White House agency today told U.S. federal government IT vendors they must attest to using secure software development techniques. Self-attestation "is a bit of a compliance activity, but it's a pretty light compliance activity," says former federal CISO Grant Schneider.