Cybersecurity strategies
The healthcare sector faces a variety of cyberthreats, but experts are constantly working to provide organizations with reliable cybersecurity strategies to address them. Learn about the latest tactics for tackling cyber risk, with efforts led by security practitioners, federal agencies and leading cybersecurity companies.
Top Stories
-
News
30 Jul 2025
Healthcare remains costliest industry for breaches at $7.42M
Despite maintaining its status as the most expensive industry for data breaches, healthcare saw a sharp reduction from last year's cost of $9.77 million, IBM's annual report found. Continue Reading
-
News
29 Jul 2025
Governance gaps curb mobile device potential in healthcare
Shared-use mobile devices show promise for enhancing communication and patient care, but governance and access management gaps may hold healthcare back from realizing the benefits. Continue Reading
-
News
23 Jan 2020
DHS CISA Alerts to Spike in Emotet Malware Cyberattacks
Days after Proofpoint discovered the destructive malware had reemerged targeting the pharma sector, DHS CISA sent an alert to warn businesses of a spike in targeted Emotet cyberattacks. Continue Reading
-
News
20 Jan 2020
Emotet Reemerges with Massive Campaign Targeting Pharma Industry
One of the most disruptive hacking groups behind Emotet has returned after a lull around Christmas with a massive targeted campaign aimed at the pharmaceutical industry, Proofpoint says. Continue Reading
-
News
16 Jan 2020
Evasive Domain-Impersonation Phishing Attacks Increase by 400%
Barracuda says that while the number of domain-impersonation attempts are far fewer than other phishing attacks, the targeted, sophisticated nature makes them costly and tough to detect. Continue Reading
-
News
15 Jan 2020
NSA Discloses, Urges Patch of Critical Microsoft Windows 10 Vulnerability
In a rare move, the National Security Agency (NSA) shared its discovery of a critical vulnerability in Microsoft Windows 10 that may allow remote exploitation to steal sensitive data or install malware. Continue Reading
-
News
14 Jan 2020
Enloe Medical Remains in EHR Downtime 2 Weeks After Cyberattack
On Jan. 2, Enloe Medical Center in California was hit with a ransomware attack, which has forced the provider to operate under EHR downtime procedures for more than two weeks. Continue Reading
-
Answer
13 Jan 2020
Cybersecurity Impact of Microsoft’s End to Windows 2007 Support
Microsoft is ending support for Windows 2007 and two legacy platforms on Jan 14, which CynergisTek’s Clyde Hewitt says will rapidly increase cybersecurity risks to the healthcare sector. Continue Reading
-
News
13 Jan 2020
Feds Alert to Ongoing Cyberattacks on Unpatched Pulse VPN Servers
In April, Pulse Secure released patches for a flaw found in its VPN servers, which were being exploited to distribute malware. But some clients failed to secure the vulnerability and are at risk of cyberattacks. Continue Reading
-
News
10 Jan 2020
DHS Alerts to Citrix Server Vulnerabilities, Urges Remediation
DHS is urging companies to secure vulnerabilities found in certain Citrix servers that could be actively exploited by a hacker to run malicious code; security researchers are seeing an increase in scans seeking the flaw. Continue Reading
-
Answer
08 Jan 2020
Is Healthcare Prepared to Respond to Cyber Threats Beyond Ransomware?
DHS alerts on increasing cyber threats from Iran and healthcare struggles with ransomware reveal providers need better recovery plans to prepare for the next wave of cyberattacks. Continue Reading
-
News
07 Jan 2020
FBI Alerts to Rise in Maze Ransomware, Extortion Attempts
Hackers leveraging Maze ransomware are posing as legitimate security vendors and government agencies to steal and encrypt data for potential extortion attempts. Continue Reading
-
News
06 Jan 2020
LifeLabs Hit With Several Lawsuits Over Data Breach of 15M Patients
In December, the Canadian testing giant reported it paid cybercriminals to retrieve the data of 15 million patients; those breach victims have filed several lawsuits, claiming failure to adequately secure data. Continue Reading
-
News
03 Jan 2020
Cyber Threats Behind the Biggest Healthcare Data Breaches of 2019
Ransomware saw a resurgence in 2019, which disrupted patient care across the US. But third-party vendor breaches and phishing caused some of the largest healthcare data breaches of 2019. Continue Reading
-
News
02 Jan 2020
Georgia Revives Patient Breach Lawsuit Against Athens Orthopedic
The Supreme Court of Georgia unanimously agreed to revive a patient breach lawsuit against Athens Orthopedic Clinic for a June 2016 data hack and extortion allegedly by notorious "thedarkoverlord." Continue Reading
-
News
02 Jan 2020
DCH Health Faces Federal Lawsuit After 10-Day Ransomware Attack
Patients impacted by the 10-day EHR downtime at DCH Health in Alabama have filed a class-action lawsuit, claiming a ransomware attack on the three hospitals disrupted their medical care. Continue Reading
-
News
16 Dec 2019
3 Health IT Standards Driving Healthcare Interoperability in the US
Direct, FHIR, and cloud fax help healthcare organizations share information and are paving the path to semantic interoperability. Continue Reading
-
News
02 Dec 2019
Minimize Costs and Complexity With AI-Powered Identity Management
Healthcare organizations have access to volumes of data, but artificial intelligence can help improve identity management and achieve ROI. Continue Reading
-
News
19 Nov 2019
Number of Exposed PACS Medical Images Increasing, US Biggest Culprit
Researchers from Germany’s Greenbone Networks have seen a 60 percent increased in the number of PACS medical archive images left exposed online, with US patients most affected by the breach. Continue Reading
-
Feature
04 Oct 2019
Filling Healthcare Security Staffing Gaps with Virtual CISOs, Students
Over half of organizations still do not have a designated security leader; transitioning internships and virtual CISOs can fill some of those healthcare security staffing gaps. Continue Reading
-
News
09 Sep 2019
HSCC Shares Resource on Threat Information Sharing Organizations
HSCC released a new inventory of national information sharing organizations and key services, designed to help healthcare providers begin the shift into these crucial cybersecurity programs. Continue Reading
-
News
05 Aug 2019
Securing the Present and Future of Health IT Infrastructure
New approaches to health IT infrastructure bring with them novel threats to essential systems and sensitive data, signaling the need to modernize health data security efforts. Continue Reading
-
News
21 Mar 2019
UCLA Health Reaches $7.5M Settlement Over 2015 Breach of 4.5M
The settlement resolves claims around UCLA Health’s May 2015 health data breach of 4.5 million patient records, caused by a year-long hack on its network. Continue Reading
-
Feature
05 Feb 2019
What Is Cyber Insurance for Healthcare Organizations?
In the wake of recent data breaches, healthcare organizations are turning to cyber insurance to offset some of the costs. Here’s what they need to understand about assessing insurers and policies to ensure adequate coverage. Continue Reading
-
News
10 Jan 2019
Massive SingHealth Data Breach Caused by Lack of Basic Security
The lessons learned from Singapore’s breach serve as a reality check to U.S. health organizations still failing to educate users, apply patches, and other common security methods. Continue Reading
-
News
29 Oct 2018
Medical Devices and Other Endpoints Offer Attractive Targets to Attackers
Medical devices, mobile devices, and other endpoints offer attackers attractive targets that healthcare organizations need to secure to protect PHI and other sensitive assets. Continue Reading
-
News
02 Oct 2018
FDA Unveils MITRE’s Medical Device Security Playbook
The FDA released Oct. 1 a medical device security playbook it developed with MITRE to advise healthcare organizations on securing their medical equipment. Continue Reading
-
News
17 Sep 2018
Best Practices for Providers to Secure Patient Data
Increased vigilance, security best practices, and the right technology can help healthcare organizations secure patient data and stay one step ahead of cybercriminals. Continue Reading
-
Feature
08 Jun 2018
Perils of Healthcare Phishing and What You Can Do About It
Healthcare phishing is a real danger to everyone in healthcare. In fact, phishing has become the preferred method for hackers to breach healthcare organizations to steal valuable medical data and/or deploy ransomware. Continue Reading
-
Feature
04 May 2018
Defending Against Healthcare Ransomware Attacks
Healthcare ransomware attacks have become a security nightmare for many organizations over the last couple of years. Here's what you can do to lessen their impact on your organization. Continue Reading
-
News
29 Jul 2016
Preparing Against Current Healthcare Cybersecurity Threats
Healthcare cybersecurity threats are continuously evolving, and covered entities need to ensure that they are implementing necessary and applicable security measures. Continue Reading
-
News
11 Jul 2016
Should a Health Information Exchange Be Opt-In or Opt-Out?
Opt-in and opt-out policies both have pros and cons that providers must understand to determine which is ultimately better for their health information exchange. Continue Reading
-
Feature
03 Jun 2016
How Ransomware Affects Hospital Data Security
Healthcare ransomware is quickly becoming an industry buzzword, but what is it exactly and how can organizations improve their hospital data security? Continue Reading
-
News
01 Aug 2014
Healthcare access badges: Physical, logical access links
There are many and complex passwords that end users have to remember, but single sign-on (SSO) solutions and authentication management can help the process. Continue Reading
-
News
17 Jan 2014
MedAllies receives accreditation from EHNAC, DirectTrust
MedAllies has received accreditation from Direct Trusted Agent Accreditation Program (DTAAP) & Electronic Healthcare Network Accreditation Commission (EHNAC). Continue Reading
-
News
31 Oct 2013
Managing a health data breach with a response plan
David Dover, Privacy and Security Officer at Alere, can attest that Alere did make the effort to augment their security approach following a data breach. Continue Reading