Healthcare Cybersecurity Weekly Briefing 06-15-2018

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

[EVENT] Happy Hour with CI Security and Algorithmia
Join the fun folks from CI Security team and Algorithmia for a rousing happy hour on Tuesday, June 26, from 5-7PM at Rein Haus in Seattle’s First Hill neighborhood.  Drink, eat and chat with us about the latest in cybersecurity, artificial intelligence and machine learning.

Perils of Healthcare Phishing and What You Can Do About It
Unfortunately, training isn’t always the answer. “There is at least one portion of the population in a healthcare environment that is relatively untrainable. Now that may not be politically correct to say, but I believe it’s true, and it is the physicians and their direct staff,” said Levine. “That is the number one reason why healthcare organizations do poorly on surveys and do poorly in general when it comes to reacting to everything from simple phishes or identity theft, all the way to ransomware, IP address, and worse,” Levine said.

Study: Better IT Security Doesn’t Mean Fewer Hospital Cyberattacks 
“It even seems that only certain types of hospitals are able to reap the benefits of having a greater number of IT security systems,” said lead author Corey Angst, a professor at Notre Dame’s Mendoza College of Business. “Those hospitals that symbolically, as opposed to substantively, adopt practices are not effective in using IT security to thwart breaches. We also found that it takes time for hospitals to realize the benefits of substantive adoption.”

The Malicious Use of Artificial Intelligence in Cybersecurity
‘Machine speed’ is described by Corvil’s David Murray as, “millions of instructions and calculations across multiple software programs, in 20 microseconds or even faster.” AI simply makes the unrealistic, real. The problem discussed in the paper is that this function has no ethical bias. It can be used as easily for malicious purposes as it can for beneficial purposes. AI is largely dual-purpose; and the basic threat is that zero-day malware will appear more frequently and be targeted more precisely, while existing defenses are neutralized – all because of AI systems in the hands of malicious actors.

Medical Cybersecurity vs. Power Quality : What is the Bigger Risk to Healthcare?
Poor power quality might cause more localised problems than the widespread impact of cyber-attacks, but they are equally important to the consistent and effective operation of healthcare businesses. While cybersecurity has understandably been a significant concern for businesses, we must not forget the power underpinning everything. The only way to ensure the highest level of patient data integrity is to protect it from both digital and electrical threats. By giving both aspects equal consideration, healthcare managers and engineers can keep data secure and remain operational.

Does Your Hospital Need a Chief Security Officer? 5 Things to Know About the CSO Role
When looking for a CSO, organizations should consider applicants’ technical and functional competencies to demonstrate they are qualified. Some organizations like to consider applicants with a white hat or ethical hacking background, Mr. Wallenberg added. It is also important to consider applicants’ experience with business continuity planning, auditing and risk management, as well as contract and vendor negotiation.

 

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.