CPO

#WannaCry: Lessons Learned and Implications

#WannaCry: Lessons Learned and Implications The recent large-scale WannaCry attack underscored the financial and businesses disruption harm that cyber-attacks can cause. This pandemic cyber-attack, which highlighted the increased use of criminal ransomware and the proliferation of military-grade cyber weapons, serves as an opportunity to recognize the following: The risk of cyber-caused business interruption (cyber BI)

[ Read More ]

Here are the dos and don’ts when hiring healthcare cybersecurity pros

If you want to attract talent, demonstrate to cybersecurity professionals a strong cultural commitment to information security. Healthcare organizations are wrestling with a vast number of cybersecurity job openings and the dearth of cybersecurity professionals to fill those roles. Fifty-eight percent are training existing staff in new security skills, 53 percent are using contractors, 36

[ Read More ]

There’s no gray area with ransomware breach reporting

OCR’s updated rules make it pretty clear: The burden of proof is on the healthcare provider. When cybercriminals began the onslaught of ransomware attacks on the healthcare industry in early 2016, very few were prepared with how best to respond. Further, most of these attacks went unreported. In fact, over 4,000 ransomware attacks occurred each

[ Read More ]

Phishing attack on Torrance Memorial puts patient records at risk

Officials were unable to determine whether an April breach of the medical center’s emails exposed patient data. California-based Torrance Memorial Medical Center began notifying patients Monday that two email accounts containing work-related reports were hit by a phishing attack in April. Officials discovered unauthorized access to two email accounts on April 20. The unauthorized accessed

[ Read More ]

Expert tips on bracing for future WannaCry attacks

Hospital executives must embed security into organizational culture to be ready for the good, bad and ugly of ransomware attacks. And that’s not easy. The WannaCry cyberattack has implications for the future of healthcare security, especially as the recent Health Care Industry Cybersecurity Task Force report came out essentially saying that the healthcare industry is

[ Read More ]

How 3 hospital breaches went undetected for more than 3 years

Three healthcare information security incidents that happened more than 36 months ago were just discovered in May — highlighting the fact that hospitals continue struggling with breach detection. What’s more, the incidents were caused by employees. “All three of these events were, unfortunately, due to insiders, two of which seemed to be bad actors who

[ Read More ]

Defending Against Health Data Breaches: What’s Missing?

Data breaches will continue to plague the healthcare sector until the security mindset among senior leadership radically changes, says security and privacy expert Kate Borten, a former healthcare CISO. “Security is not a business imperative for most healthcare provider organizations today,” says Borten, founder and president of privacy and security consulting firm, The Marblehead Group.

[ Read More ]

Why Some of the Worst Cyberattacks in Health Care Go Unreported

A cyberattack last year paralyzed MedStar Health computers, forcing the Maryland operator of 10 hospitals and more than 300 outpatient centers to shut down its entire electronic-record system. Doctors logged patient details with pen and paper. Laboratory staff faced delays delivering test results.

[ Read More ]

HIT Hacking: Prevention is Better than Cure

By implementing cybersecurity best practices, healthcare CIOs and CISOs not only can thwart attacks on their IT systems but also make these less appealing targets for hackers, according to information security experts. David Nickelson, director of strategy and behaviour at Sapient Health, says these three tactics can help hospital security teams stay one step ahead

[ Read More ]