HEALTHCARE INFOSECURITY NEWSLETTER

November 2017

6 Essential Steps for Creating an Actionable Incident Response Plan

Ryan Clancy, deltarisk.com, October 20, 2017

A few weeks ago, I spoke at the ASIS 63rd Annual International Conference about creating an actionable cyber security incident response plan that is tested and proven. Considering ASIS is more focused on physical security, I kept my recommendations focused on incident response in general. As I looked at “cyberizing” the recommendations, I discovered there isn’t much I would adjust for a physical security incident response plan.

Read More

Hospital Impact—Cybersecurity Breaches Pose Major Legal Threat to Healthcare Providers

Trish Carreiro, fiercehealthcare.com, November 1, 2017

Medical devices promise huge advantages, including improved patient care, cost savings and workforce productivity, but there are also significant dangers. The healthcare sector is notorious for its underinvestment in cybersecurity; a reality made only more dire by the demands of the Obama administration’s electronic medical record mandate.

Read More

WannaCry Ransomware: Hospitals Were Warned to Patch System to Protect Against Cyber-Attack – But Didn’t

Danny Palmer, zdnet.com, October 27, 2017

The National Health Service (NHS) was left vulnerable to the WannaCry ransomware attack because, despite local health trusts being warned to patch their systems, many had failed to do so. A National Audit Office (NAO) investigation into May’s global cyber-attack — which took down IT systems at many NHS organisations — has found that the impact of WannaCry could have been prevented if basic security best practice had been applied.

Read More

What Are Basic, Essential Healthcare Cybersecurity Measures?

Elizabeth Snell, healthitsecurity.com, October 27, 2017

With October being National Cybersecurity Awareness Month (NCAM), OCR highlighted top healthcare cybersecurity measures that all covered entities and business associates should keep in mind. NCAM is an ideal time for organizations to review basic cybersecurity tips, to ensure that ePHI stays secure and that entities are able to make necessary adjustments as technology evolves.

Read More

Hospitals, Don’t Wait to Address These Little-Known IoT Security Issues

Bill Siwicki, healthcareitnews.com, November 1, 2017

When it comes to securing the Internet of Things in healthcare, there are many issues that are known obstacles. And then there are those that are not as well-understood. Unfortunately, these issues pose security threats and need to be considered by infosec teams.

Read More

HHS Continuing to Push for Health Care Cyberthreat Sharing

Carten Cordell, fedscoop.com, November 1, 2017

Sharing cyberthreat information between public and private sector partners has long been the Department of Homeland Security’s strategy for strong cybersecurity. It’s also becoming the prescription for the Department of Health and Human Services.

Read More

Q&A: Essential Tips for Solving the Worker Shortage and Starting a Career in Cyber Security

Leah Schmid, deltarisk.com, October 27, 2017

The week four theme of National Cyber Security Awareness Month (NCSAM) is “The Internet Wants You: Consider a Career in Cybersecurity.” We asked our Vice President of Human Resources, Leah Schmid, to weigh in on this topic. In this week’s blog, she offers her insights into the different issues surrounding the growing shortage of qualified cyber security professionals and what that means for the future, as well as some advice for people interested in a career in cyber security.

Read More

Bad Rabbit Ransomware Spread Via Fake Flash Player Updates

HIPAA Journal Staff, Hipaajournal.com, October 25, 2017

A new ransomware threat has been detected – named Bad Rabbit ransomware – that has crippled businesses in Russia, Ukraine, and Europe. While Bad Rabbit ransomware attacks do not appear to have been conducted in the United States so far, healthcare organizations should take steps to block the threat.

Read More

State, Local Health Agencies Moving Faster Towards Cloud, Mobile, Cybersecurity

Bill Siwicki, healthcareitnews.com, October 27, 2017

State and local health and human services agencies across the United States continue to make progress in their use of digital technologies to become more effective and efficient, according to a new report from the American Public Human Services Association and IT professional membership organization CompTIA.

Read More