Healthcare Cybersecurity Weekly Briefing 12-08-2017

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

Critical Informatics Releases Continuous Vulnerability Identification (CVI), Automating Network Vulnerability Scans and Reporting
The service is operated from the company’s Critical Insight security monitoring platform, which keeps the technology footprint and installation as light as possible. […] CVI allows administrators to schedule scans as often as needed to identify emerging vulnerabilities, or execute scans on-demand following specific events, such as application updates. The configurable intervals between scans provide insight into vulnerability trends throughout the year, something that quarterly or annual scans may overlook.


As Data Vulnerabilities Escalate, Healthcare Organizations Need to Supercharge Security Efforts
For healthcare organizations to achieve their core values of serving their patients better and implementing their strategic priorities, it is imperative that they take back control of their data from their vendors. Healthcare organizations need to be in a position to dictate to the vendors how data needs to be managed if they want their business.


Future-proofing Security: Protecting Against the New Arsenal of Weaponized Malware
There are bound to be those in healthcare tempted to think artificial intelligence and machine learning will at some point come to the rescue, ferret out any would-be-attackers and then promptly and autonomously end the incident. Don’t fall into that trap but do understand the potential emerging technologies bring.


Hacked IV Pumps and Digital Smart Pens Can Lead to Data Breaches
Harit discovered that a simple $7 hardware device could interface with the IV infusion pump, read its configuration data, and understand which access point it was seeking to connect to. As a result, he established a fake access point, connected with the IV pump, and then collected sensitive medical data on an individual that included a master drug list and quantity of drugs to be taken.


How an Ohio Hospital Avoided a Widespread Ransomware Attack
Organizations of all sizes need to be aware of the potential threats and be willing to invest in options that will help keep sensitive data secure. Ohio-based Wood County Hospital averted a potentially widespread ransomware attack by detecting the issue with the help of its managed security services provider (MSSP) two weeks before it surfaced.


What to Consider Before Striking an EMR Contract
Hospitals also should use contracts to ensure ongoing training and support from their EMR partner. “Systems don’t last forever. An EMR purchased today may not even be supported 5 to 7 years from now,” he said. Even 5 years is “eons” in today’s technology landscape, according to Wood, and the clinicians tasked with using the system should be guaranteed ongoing training to stay abreast of updates and best practices.


Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.