HEALTHCARE INFOSECURITY NEWSLETTER

October 2017

Top 10 Cyber Hygiene Tips for Healthcare IT and Security Professionals

Devesh Panchwagh, deltarisk.com, September 12, 2017

In the hospital setting, there is no tolerance for poor hygiene. Frequently washing your hands and using hand sanitizer can drastically decrease the chances of contamination, the spread of disease, and infection rates. It’s just as important to commit to cyber hygiene to slow down attackers who are looking to infect your mission-critical systems.

Read More

HHS Reviews HIPAA Rules Following Hurricane Harvey

Elizabeth Snell, healthitsecurity.com, August 30, 2017

Healthcare providers can face numerous challenges during natural disasters, including adhering to HIPAA rules while working to provide proper patient care through an emergency. HHS recently released a bulletin to help guide covered entities through declared emergencies, such as the aftermath of Hurricane Harvey in August 2017.

Read More

465,000 Patients Need Software Updates For Their Hackable Pacemakers

Lorenzo Franceschi-Bicchierai, motherboard.vice.com, August 30, 2017

Patching has long been one of the most tedious chores for those who want to keep their electronic devices secure or up to date. Sometimes, patches require a restart, disrupting your workflow. Sometimes, patches screw up the software, making it unusable.

Read More

46,000 New Phishing Sites are Created Every Day

Help Net Security Staff, helpnetsecurity.com, September 22, 2017

An average of 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May. The data collected by Webroot shows today’s phishing attacks are highly targeted, sophisticated, hard to detect, and difficult for users to avoid.

Read More

[Opinion] Cybersecurity is Hard, Got It? But Let’s Stop Blaming Hospitals for Every Breach

Tom Sullivan, healthcareitnews.com, September 15, 2017

I stepped into the Healthcare Security Forum this week in Boston hoping to walk away with perhaps a few nuggets of optimism, even small ones. That didn’t exactly happen but, instead, a new message emerged: the conversation about how cybersecurity is so negative that it only triggers tension and hostility among infosec pros, executives and end users.

Read More

Negligent Employees are No.1 Cause of Cybersecurity Breaches

Alison DeNisco, techrepublic.com, September 19, 2017

Of all of the connections brought about by the Internet of Things, nothing is more frightening than the notion of an unsecured medical device. The magnitude of risk associated with medical devices and the Internet of Things is a gripping proposition with 67% of medical device makers expecting an attack on their devices while only 17% taking measures to prevent an attack, according to Ponemon.

Read More

Healthcare Security Experts Recommend Key Steps IT Leaders Can Take to Protect PHI, Business Continuity

Devesh Panchwagh, deltarisk.com, August 31, 2017

We hosted a webinar to discuss the challenges healthcare operators face when responding to cyber security incidents. Our presenters, Michael McKinley, Vice President and General Manager at Delta Risk, Chris Holda, Senior Healthcare IT Consultant, Huntzinger Management Group, and Ed Kopetsky, Chief Information Officer at Stanford Children’s Health and Advisor with Next Wave Health Advisors, provided valuable insights to help healthcare professionals reduce risks and improve incident response practices.

Read More

If Your Password Hygiene Sucks, This Password Manager Will Tell On You

Steven Melendez, fastcompany.com, September 20, 2017

It’s some of the most common security advice on the internet: Never use the same password between different accounts. That’s because despite all the attention paid to hackers exploiting so-called “zero-day” exploits, or previously undiscovered security holes, plenty of prominent digital attacks still rely on stolen passwords.

Read More

Why Diverse Cybersecurity Teams are Better at Understanding Threats, Patient Needs

Bill Siwicki, healthcareitnews.com, September 28, 2017

Hiring a diverse range of infosec employees benefits hospitals in ways not often discussed. In addition to employment equality, for instance, cybersecurity teams comprised of people with varying backgrounds is one key to both fighting enemies and taking care of patients.

Read More