Healthcare Cybersecurity Weekly Briefing 10-06-2017

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

The Global Cyber Attack on Healthcare 
“Going for medical treatment is typically a scary enough experience, which puts everyone on edge. Now imagine a world in which patients are told by their doctors, hospitals, and other healthcare providers that they must wait, go to another facility, or worse yet, have their treatment postponed because the healthcare provider cannot access necessary records or machinery,” he explained. “Such is the age we live in.”

 

Security Giant McAfee to Healthcare CIOs, CISOs: Know Your Enemy
So just how vulnerable is the healthcare industry? Quite, according to the new “McAfee Labs Threats Report: September 2017” study from security giant McAfee, which not only identifies threats but suggests ways healthcare CIOs and CISOs can protect themselves from the threats. McAfee Labs’ quarterly analysis of publicly disclosed security incidents found the public sector to be the most impacted North American sector over the last six quarters, but healthcare overtook it in the second quarter of 2017 with 26 percent of incidents.

 

Update Now: Don’t Ignore Major Security Patches, HIMSS Report Says
And while you’re at it, Apple, Mozilla and Apache also have fresh patches, according to the HIMSS Healthcare Cross-Sector Cyber Security Report for September 2017. “The specific overarching theme in this month’s report is on newer technologies: web and mobile, especially web,” Lee Kim, HIMSS’ director of privacy and security said. “These technologies can be ‘open doors’ to hackers.”

 

HITRUST Deploys ‘Honeypots’ to Gain Knowledge of Cyber Attack Methods 
HITRUST said it has taken the concept to the next level by designing a deception environment that spans across many healthcare organizations via the HITRUST CTX threat-sharing infrastructure. HITRUST has also deployed decoys of commonly used systems including leading EHRs, medical devices and other healthcare-specific systems. HITRUST facilitates the 24/7 monitoring of the activity.

 

Securing a National Treasure – Healthcare: Is It Possible? 
The general consensus was that the threat can be mitigated, but it is no easy task. It is important, Information Age learned, for law enforcement agencies and healthcare organisations to work together. A public and private collaboration can help disrupt the success of attackers, by upstreaming intelligence, and sharing threats and vulnerabilities.

 

Report: Healthcare Organizations Spend $12.5 Million a Year on Cybersecurity 
Looking at 15 different industry sectors, the study found that financial services has the highest cost of cybercrime, at $18.3 million, on average, a year, followed by utilities and energy, costing $17.2 million a year. For organizations in the healthcare sector, the average annualized cost of cybercrime is $12.5 million a year, making healthcare the fifth most costly industry.

 

Hey, IoT Vendors. When a Pediatric Nurse Tells You to Fix Security, You Definitely Screwed Up
A children’s nurse told delegates at the Virus Bulletin conference in Madrid on Thursday to get a grip on Internet of Things security. […] For one thing there is no medical need for such devices to be connected to the net 24/7, she said. More fundamentally, government regulation is needed to mandate baseline security standards. Milosevic advocated coordinated vulnerability disclosure, a process that would mean security researchers would work with manufacturers to fix issues before going public.

 

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.

//]]>