Cybersecurity strategies
The healthcare sector faces a variety of cyberthreats, but experts are constantly working to provide organizations with reliable cybersecurity strategies to address them. Learn about the latest tactics for tackling cyber risk, with efforts led by security practitioners, federal agencies and leading cybersecurity companies.
Top Stories
-
Podcast
23 Sep 2024
Implementing cyber hygiene best practices in healthcare
Applying best practices for cyber hygiene and employee security training can help healthcare organizations effectively mitigate cyber-risk. Continue Reading
By- Jill McKeon, Associate Editor
-
Tip
04 Sep 2024
Microsoft Purview Audit helps IT flush out bad behavior
The auditing tool gives enterprises a way to find problems by examining logs from Microsoft 365 cloud services, such as Exchange Online, to see what actions were taken and where. Continue Reading
By
-
News
20 Oct 2023
HC3 Details ServiceNow Cybersecurity Vulnerability, Potential Impacts on Healthcare
A recently discovered cybersecurity vulnerability in ServiceNow, a cloud computing platform used across the healthcare sector, may enable data exposure. Continue Reading
By- Jill McKeon, Associate Editor
-
News
18 Oct 2023
FBI Warns Public About Phishing Attacks Against Plastic Surgery Offices, Patients
Cybercriminals have been targeting plastic surgery offices, providers, and patients with phishing attacks to deploy malware and harvest sensitive information, the FBI warned. Continue Reading
By- Jill McKeon, Associate Editor
-
News
16 Oct 2023
NoEscape Ransomware Emerges, Targeting Healthcare
A suspected successor of Avaddon ransomware, NoEscape ransomware uses multi-extortion tactics to target multiple industries, including healthcare, HC3 warned. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
10 Oct 2023
What is a Zero-Day Attack, How Can Healthcare Defend Against Them?
Zero-day attacks pose significant dangers to the healthcare sector, but defenders can mitigate risk by patching early and often. Continue Reading
By- Jill McKeon, Associate Editor
-
News
02 Oct 2023
Security Budget Growth Plateaus in Healthcare
While security budget growth continues on an upward trend, new research shows that healthcare and other sectors are increasing their budgets by a smaller amount this year compared to last year. Continue Reading
By- Jill McKeon, Associate Editor
-
News
26 Sep 2023
Advanced Email Attacks Skyrocket in Healthcare
Abnormal Security observed a 167% increase in advanced email attacks in 2023, including business email compromise (BEC), phishing, malware, and extortion. Continue Reading
By- Jill McKeon, Associate Editor
-
News
25 Sep 2023
HC3 Details North Korean, Chinese Cyber Threats to Healthcare Sector
HC3 shed light on the tactics of North Korean and Chinese cyber threat actors that pose a risk to the healthcare sector, such as APT43 and APT41. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Sep 2023
DHS Tackles Cyber Incident Reporting Inconsistencies With Report to Congress
DHS encouraged Congress to consider model definitions and timelines for reportable cyber incidents to help streamline critical infrastructure incident reporting processes. Continue Reading
By- Jill McKeon, Associate Editor
-
News
20 Sep 2023
Lazarus Threat Group Targets Healthcare With ManageEngine Vulnerability
HC3 warned healthcare entities of the North Korean state-sponsored Lazarus Group, which has been leveraging a critical vulnerability found in two dozen ManageEngine products. Continue Reading
By- Jill McKeon, Associate Editor
-
News
20 Sep 2023
Censinet, KLAS, Partners Announce Healthcare Cybersecurity Benchmarking Study Wave 3
Healthcare organizations are welcome to participate in the latest wave of the Healthcare Cybersecurity Benchmarking Study, co-sponsored by Censinet, KLAS, Health-ISAC, AHA, and HSCC. Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 Sep 2023
HC3 Warns Healthcare of Akira Ransomware Group
Akira ransomware group has claimed more than 60 victims since its emergence in March, including several in the healthcare sector. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
13 Sep 2023
How HHS Plans to Prioritize Healthcare Cybersecurity
At the HIMSS Healthcare Cybersecurity Forum, HHS representatives discussed healthcare cybersecurity focus areas for the next 12 to 24 months. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 Sep 2023
DOJ Charges Trickbot, Conti Cybercriminals Known For Targeting Critical Infrastructure
The DOJ charged multiple Russian cybercriminals over their involvement in Trickbot malware and Conti ransomware operations, including the Conti attack on Scripps Health. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Sep 2023
HIMSS Healthcare Cybersecurity Forum: Understanding, Tackling Top Cyber Threats
Top risks to healthcare cybersecurity include notorious ransomware groups, unpatched vulnerabilities, and the sector’s reliance on technology. Continue Reading
By- Jill McKeon, Associate Editor
-
News
06 Sep 2023
Surveyed Board Members See Generative AI as Cybersecurity Risk
The emergence of generative AI tools has board members on high alert, along with geopolitical tensions and the continued rise of ransomware attacks that threaten cybersecurity. Continue Reading
By- Jill McKeon, Associate Editor
-
News
01 Sep 2023
Joint Commission Releases Guidance on Preserving Patient Safety After Cyberattack
The healthcare accreditation organization urged healthcare organizations to form a downtime planning committee and take other actions to prioritize patient safety after a cyberattack. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
31 Aug 2023
Why Are Healthcare Data Breaches So Expensive?
The complexity and volume of health data, paired with its status as a highly regulated critical infrastructure sector, make healthcare data breaches more expensive than those in other sectors. Continue Reading
By- Jill McKeon, Associate Editor
-
News
30 Aug 2023
FBI Takes Down Qakbot Malware Infrastructure
Along with international partners, the FBI disrupted Qakbot malware and seized more than $8.6 million in cryptocurrency. Continue Reading
By- Jill McKeon, Associate Editor
-
News
29 Aug 2023
78% of Surveyed Healthcare Organizations Experienced a Cybersecurity Incident in Last Year
More than 60 percent of respondents reported a moderate or substantial impact on care delivery due to a cybersecurity incident, Claroty found. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Aug 2023
HSCC Releases Updated Guidance On Information Sharing Best Practices
The document aims to help healthcare organizations establish and manage comprehensive cybersecurity threat information sharing programs. Continue Reading
By- Jill McKeon, Associate Editor
-
News
23 Aug 2023
Healthcare Data Breach Volume Dips As Number of Compromised Records Rises
Despite an overall decrease in healthcare data breach volume in the first half of the year, the number of records compromised increased by 31% compared to the second half of 2022. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Aug 2023
Advocate Aurora Reaches $12.25M Settlement to Resolve Data Breach Lawsuit
Advocate Aurora Health suffered a data breach last year that impacted 3 million individuals, stemming from its use of tracking pixels. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
22 Aug 2023
Rural Healthcare Cybersecurity Aid Grows, But Challenges Persist
Rural healthcare cybersecurity has caught the attention of lawmakers as under-resourced hospitals grapple with complex security challenges. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Aug 2023
HHS Launches Digital Health Security Project to Protect Healthcare Infrastructure
Spearheaded by the Advanced Research Projects Agency for Health (ARPA-H), the DIGIHEALS project aims to ensure operational continuity amid a cyberattack. Continue Reading
By- Jill McKeon, Associate Editor
-
News
18 Aug 2023
Orrick Law Firm's Security Mishap Leads to Healthcare Data Breach Lawsuit
The law firm, once counseled in a 2020 healthcare data breach lawsuit for a vision benefits plan manager, now grapples with one of its own. Continue Reading
By- Sarai Rodriguez
-
News
17 Aug 2023
Researchers Observe 59% Spike in Medical Device Security Vulnerabilities
Researchers found 993 vulnerabilities within 966 medical devices and products, some of which have been weaponized by advanced persistent threat groups. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
16 Aug 2023
What is SEO Poisoning, How Can Healthcare Defend Against It?
Threat actors lure victims into clicking on seemingly credible links by optimizing malicious web pages through a tactic known as SEO poisoning. Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 Aug 2023
Cyber Safety Review Board Underscores Risk of Lapsus$ Threat Group
MFA implementations commonly used across the digital ecosystem are not keeping Lapsus$ threat actors and others from gaining network access, the CSRB found. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 Aug 2023
NIST Releases Draft of Expanded Cybersecurity Framework
The NIST Cybersecurity Framework (CSF) 2.0 reflects changes in the cybersecurity landscape and expands the framework to apply to entities beyond critical infrastructure. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Aug 2023
CISA Maps Out Next Moves in New Cybersecurity Strategic Plan
CISA’s FY2024-2026 Cybersecurity Strategic Plan guides the agency toward its goals of addressing immediate threats, hardening the terrain, and driving security at scale. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
10 Aug 2023
What the US Cyber Trust Mark Means for IoT Security in Healthcare
The US Cyber Trust Mark would provide consumers with cybersecurity assurances for smart devices and could have implications for healthcare in the future. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Aug 2023
Rhysida Ransomware Emerges as Latest RaaS Threat Group
Rhysida is a new ransomware-as-a-service group that leverages phishing and Cobalt Strike exploits to access victim networks and deploy ransomware. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Aug 2023
CISA, International Partners Identify Top Routinely Exploited Vulnerabilities
Threat actors commonly target outdated software vulnerabilities, but many organizations still lag in timely patching of known flaws, CISA said. Continue Reading
By- Sarai Rodriguez
-
News
04 Aug 2023
Infostealing Malware Remains Top Threat to Healthcare
The BlackBerry Global Threat Intelligence Report identified healthcare and finance as the top two most targeted sectors in recent months. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
02 Aug 2023
How the Health3PT Council Addresses Third-Party Risk Management Woes
A coalition of healthcare CISOs makes up the Health 3rd Party Trust (Health3PT) Council, an organization dedicated to improving third-party risk management in healthcare. Continue Reading
By- Jill McKeon, Associate Editor
-
News
31 Jul 2023
Biden Administration Unveils National Cyber Workforce and Education Strategy
The National Cyber Workforce and Education Strategy (NCWES) aims to fill cyber workforce vacancies across the country and improve diversity and inclusion in the field. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Jul 2023
CISA Releases Advisory On Preventing Web Application Access Control Abuse
CISA and partners released a cybersecurity advisory to warn vendors, developers, and end-users about insecure direct object reference (IDOR) vulnerabilities in web applications. Continue Reading
By- Jill McKeon, Associate Editor
-
News
27 Jul 2023
FL Senator Urges FBI to Prioritize Tampa General Cyberattack Investigation
Senator Rick Scott urged the bureau to identify and arrest the perpetrators behind a recent cyberattack at Tampa General Hospital that impacted 1.2 million people. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
27 Jul 2023
How Providers Can Defend Against AI-Assisted Cyberattacks
Threat actors may leverage AI tools such as ChatGPT to accelerate healthcare cyberattacks and advance their goals of data exfiltration. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
25 Jul 2023
How Did This Happen? Understanding the Issue of Third-Party Tracking Tech in Healthcare
Third-party tracking tech on hospital websites has resulted in numerous data breaches in the past year, prompting questions about how this tech can be used in a compliant manner. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Jul 2023
Average Cost of Healthcare Data Breach Reaches $11M
The cost of a healthcare data breach has soared 53% since 2020, IBM’s latest report revealed. Continue Reading
By- Jill McKeon, Associate Editor
-
News
20 Jul 2023
AI, Ransomware Remain Prevalent in Evolving Cybersecurity Landscape
The latest Trustwave SpiderLabs report highlights generative AI, ransomware, and IoT exposure as key threats shaping healthcare's evolving cybersecurity landscape. Continue Reading
By- Sarai Rodriguez
-
News
17 Jul 2023
How Threat Actors Leverage AI to Advance Healthcare Cyberattacks
Threat actors are using AI to develop phishing emails, exploit vulnerabilities, and execute healthcare cyberattacks, HC3 warned in its latest brief. Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 Jul 2023
Veterans Affairs OIG Finds Cybersecurity Deficiencies at AZ Health System
The VA Office of Inspector General discovered several security issues at the Northern Arizona VA Healthcare System, including vulnerability management deficiencies. Continue Reading
By- Jill McKeon, Associate Editor
-
News
13 Jul 2023
White House Issues National Cybersecurity Strategy Implementation Plan
Eighteen agencies are spearheading initiatives to achieve the Biden-Harris Administration’s National Cybersecurity Strategy implementation goals. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 Jul 2023
MedCrypt, Kansas State University Launch Medical Device Security Research Project
MedCrypt and Kansas State University will embark on a joint project to quantify regulatory and cybersecurity risks in the medical field. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 Jul 2023
Security Flaws Found in Software Development Kit Used for Telemedicine Services
A new architecture and API are now available to remediate critical vulnerabilities in the QuickBlox software development kit and API used for telemedicine platforms. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 Jul 2023
KLAS: This Year’s Top Healthcare IoT Security Vendors
IoT security tools can help healthcare organizations manage risk and gain visibility into their ever-expanding network of connected devices. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Jul 2023
CISA Warns of Truebot Activity Infecting US Networks
Cyber threat actors have been leveraging new malware variants of Truebot to exfiltrate information from targets. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Jul 2023
HSCC Releases Cybersecurity Coordinated Incident Response Template
The Health Industry Cybersecurity Coordinated Healthcare Incident Response publication provides organizations with a template for developing a thorough incident response plan. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Jul 2023
Kronos Reaches $6M Settlement Over Ransomware Attack
HR management solutions provider Kronos suffered a ransomware attack on its cloud solution in 2021 that impacted many healthcare organizations. Continue Reading
By- Jill McKeon, Associate Editor
-
News
30 Jun 2023
Medtronic Discloses Cybersecurity Vulnerability in Paceart Optima System
The cybersecurity vulnerability in Medtronic’s Paceart Optima system may result in remote code execution or a denial-of-service condition. Continue Reading
By- Jill McKeon, Associate Editor
-
News
29 Jun 2023
Healthcare Organizations Increase IT Budgets As Cybersecurity Concerns Rise
As healthcare organizations continue to focus on digital transformation, IT budgets are steadily increasing to reflect cybersecurity challenges and cloud deployment goals. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Jun 2023
SEO Poisoning Attacks Increase Across Healthcare
Threat actors have been leveraging search engine optimization (SEO) poisoning tactics to trick users into clicking on malicious links, HC3 warned. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Jun 2023
CA Hospital Settles Cybersecurity Case, Pledges $460K to Upgrades
Good Samaritan Hospital settled a class-action lawsuit that alleged its inadequate cybersecurity measures were responsible for a 2020 data breach. Continue Reading
By- Sarai Rodriguez
-
News
22 Jun 2023
Healthcare Business Associate Faces Lawsuit Over March Cyberattack
Onix Group suffered a ransomware attack in March 2023 that resulted in a data breach impacting nearly 320,000 individuals. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Jun 2023
Trust Emerges as Cybersecurity Issue for 42% of Security Decision-Makers
Even though cybersecurity trust is clearly an issue, some trust is also misplaced, with 66 percent of security leaders trusting employees to prevent cyberattacks more than their own teams. Continue Reading
By- Sarai Rodriguez
-
News
21 Jun 2023
Exploring The Role of Cyber Resilience in Digital Transformation Efforts
Organizations that prioritize aligning cybersecurity with business objectives are 18% more likely to achieve target revenue growth and 26% more likely to lower data breach costs, Accenture found. Continue Reading
By- Jill McKeon, Associate Editor
-
News
19 Jun 2023
TimisoaraHackerTeam Ransomware Attacks US Cancer Center
The little-known ransomware group launched an attack against a US cancer center in June 2023, rendering digital services unavailable and limiting the center’s patient care capabilities. Continue Reading
By- Jill McKeon, Associate Editor
-
News
19 Jun 2023
DOJ Charges Russian National For Role in LockBit Ransomware Attacks
The Justice Department made its second LockBit ransomware-related arrest of the year, chipping away at one of the most prolific ransomware variants. Continue Reading
By- Jill McKeon, Associate Editor
-
News
16 Jun 2023
Progress Software Discloses Another MOVEit Cybersecurity Vulnerability
The newly discovered cybersecurity vulnerability could lead to escalated privileges and potential unauthorized access if exploited. Continue Reading
By- Jill McKeon, Associate Editor
-
News
15 Jun 2023
HC3 Advises Healthcare Sector to Prioritize Cyber Defense Against FIN11
HC3 details FIN11's track record of exploiting zero-day vulnerabilities in the healthcare sector, particularly using Clop ransomware. Continue Reading
By- Sarai Rodriguez
-
News
14 Jun 2023
CISA, Partners Release LockBit Ransomware Cybersecurity Advisory
LockBit was the most active ransomware group and RaaS provider in 2022, targeting organizations across the world. Continue Reading
By- Jill McKeon, Associate Editor
-
News
13 Jun 2023
IL Rural Hospital Cites Cyberattack As Factor in Closing Doors
St. Margaret’s Health in Spring Valley and Peru, Illinois will close its doors, citing a 2021 cyberattack, the COVID-19 pandemic, and ongoing staffing shortages as key factors in the decision. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 Jun 2023
Revenue Cycle Vendor Discloses Breach Tied to Fortra GoAnywhere Hack
Intellihartx disclosed a data breach impacting 490,000 individuals that stemmed from the Fortra GoAnywhere vulnerability. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 Jun 2023
HC3 Guidance Explores Cyber Threat Actors Targeting Healthcare
HC3’s latest guidance provides healthcare defenders with a detailed overview of the types of cyber threat actors threatening the sector, such as cybercriminals, hacktivists, and insider threats. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Jun 2023
Cybersecurity Incident at MercyOne Triggers Potential Patient Data Loss
MercyOne Clinton Medical Center in Iowa is actively working on network restoration following a cybersecurity incident that disrupted its systems. Continue Reading
By- Sarai Rodriguez
-
News
08 Jun 2023
Clop Ransomware Gang Exploiting MOVEit Cybersecurity Vulnerability
CISA and the FBI released a joint cybersecurity advisory to warn organizations about Clop ransomware’s interest in the recently discovered MOVEit Transfer software cybersecurity vulnerability. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Jun 2023
CISA Releases Guidance For Securing Remote Access Software
CISA issued a guidance document to help organizations balance the functionality of remote access software with potential cyber risks. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Jun 2023
Social Engineering, Ransomware Continue to Dominate Cyberattack Trends, Verizon Says
Verizon’s annual Data Breach Investigations Report shed light on 2022 cyberattack trends, highlighting the prevalence of social engineering, ransomware, and basic web application attacks. Continue Reading
By- Jill McKeon, Associate Editor
-
News
06 Jun 2023
Cybersecurity Vulnerability in MOVEit Transfer Software Poses Threat to Healthcare
Progress Software disclosed a critical cybersecurity vulnerability in its MOVEit Transfer software, which is commonly used across healthcare. Continue Reading
By- Jill McKeon, Associate Editor
-
News
02 Jun 2023
Healthcare CISOs Prioritize Cybersecurity Budgets Amid Economic Downturn
A new survey reveals that 58 percent of CISOs have boosted their cybersecurity budgets and 42 percent are aiming to further these budgets within the next year. Continue Reading
By- Sarai Rodriguez
-
Feature
01 Jun 2023
Key Ways to Prepare For Revamped Medical Device Security Requirements
Medical device manufacturers will have to adjust their premarket activities to prepare for Oct. 1st, when the FDA will begin refusing medical device submissions for cybersecurity reasons. Continue Reading
By- Jill McKeon, Associate Editor
-
News
25 May 2023
CommonSpirit Raises Estimated Losses From Ransomware Attack to $160M
The figure is a $10 million increase from CommonSpirit’s last quarterly report, showing that losses from the October ransomware attack may be higher than previously thought. Continue Reading
By- Jill McKeon, Associate Editor
-
News
25 May 2023
NY AG Fines Practicefirst $550K For Failure to Protect Health Records
Practice management vendor Practicefirst suffered a data breach in 2020 that impacted 1.2 million individuals and potentially exposed health records and other personal information. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 May 2023
CISA, Partners Revamp Ransomware Prevention Guide
The #StopRansomware Guide provides organizations with best practices for detecting, preventing, and responding to ransomware attacks. Continue Reading
By- Jill McKeon, Associate Editor
-
News
23 May 2023
Implementing a Zero Trust Architecture For Medical Device Security
A new report from the Cloud Security Alliance makes the case for implementing a zero trust architecture to strengthen medical device security efforts. Continue Reading
By- Jill McKeon, Associate Editor
-
News
23 May 2023
CISA Issues Cybersecurity Advisory Regarding BianLian Ransomware Group
BianLian ransomware group has deployed ransomware attacks against multiple critical infrastructure sectors since June 2022, CISA’s latest advisory states. Continue Reading
By- Jill McKeon, Associate Editor
-
News
18 May 2023
House Committee Hearing Sheds Light On HHS Approach to Healthcare Cybersecurity
The deputy director at the ASPR Office of Preparedness at HHS testified before a House committee on the agency’s healthcare cybersecurity efforts. Continue Reading
By- Jill McKeon, Associate Editor
-
News
18 May 2023
EyeMed Vision Care Reaches $2.5M Settlement Over Multistate Data Breach
This marks the third settlement EyeMed has reached over a 2020 data breach that impacted 2.1 million individuals. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 May 2023
US Formally Charges Russian Hacker Behind Global Ransomware Attacks
Mikhail Pavlovich Matveev was suspected of deploying LockBit, Babuk, and Hive ransomware to attack critical infrastructure, including a New Jersey healthcare provider. Continue Reading
By- Sarai Rodriguez
-
News
16 May 2023
Maxim Healthcare Reaches Settlement Over 2021 Data Breach Case
The company, which admitted the 2021 data breach had impacted over 28K, has agreed to pay victims up to $5K, covering extraordinary costs. Continue Reading
By- Sarai Rodriguez
-
News
15 May 2023
Senators Introduce Rural Hospital Cybersecurity Enhancement Act
The Rural Hospital Cybersecurity Enhancement Act aims to address cybersecurity workforce gaps and improve cybersecurity training at rural healthcare facilities. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 May 2023
Malicious Bot Activity On the Rise in Healthcare
Healthcare websites saw more than 31 percent of all traffic originating from bots, Imperva’s latest Bad Bot Report revealed. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 May 2023
HC3 Warns Healthcare of Cyberattacks Against Popular Data Backup Software
Threat actors have been leveraging a vulnerability in Veeam Backup & Replication software to gain network access and execute malicious code. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 May 2023
Healthcare Cyberattacks Linked to Disruptions at Neighboring Hospitals, Study Finds
A study published in JAMA Network Open observed longer wait times and other disruptions at nearby hospitals in the wake of a healthcare cyberattack. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 May 2023
SuperCare Health Reaches $2.25M Data Breach Settlement Over Alleged Negligence
The respiratory care provider settled a data breach lawsuit, in which SuperCare was accused of negligent cybersecurity practices, which put PII in harm’s way. Continue Reading
By- Sarai Rodriguez
-
News
08 May 2023
41% of IT Decision-Makers Back Passwordless Authentication for Stronger Identity Security
Adoption of passwordless authentication is rising, with 49 percent of IT leaders deploying or planning to deploy amid data breach concerns and a shift towards enhanced identity security. Continue Reading
By- Sarai Rodriguez
-
News
04 May 2023
Lawsuit Accuses Iowa Health System of Sharing Data With Facebook
The plaintiff alleged that the University of Iowa Hospitals & Clinics unlawfully disclosed personal information to Facebook via its use of tracking pixels. Continue Reading
By- Jill McKeon, Associate Editor
-
News
01 May 2023
Clop, LockBit Leveraging 3 Known Vulnerabilities in Healthcare Ransomware Attacks, HHS Warns
Two Ransomware-as-a-Service groups, Clop and LockBit, have been leveraging known vulnerabilities in Fortra’s GoAnywhere MFT solution and installations of PaperCut to target healthcare. Continue Reading
By- Jill McKeon, Associate Editor
-
News
26 Apr 2023
91% of Orgs Expect to Increase Cybersecurity Budgets in Next Year
Surveyed security leaders are prioritizing investments in the latest tools, but technology alone cannot mitigate ransomware risk. Continue Reading
By- Jill McKeon, Associate Editor
-
News
26 Apr 2023
Health3PT Unveils First Actions to Address Third-Party Risk Management
The Health3PT Initiative tackles third-party risk management challenges with standardized assessments for 15,000 vendors, a Third-Party Risk Industry Survey, recommended practices, and a Vendor Directory plan. Continue Reading
By- Sarai Rodriguez
-
News
25 Apr 2023
Healthcare Is More Reactive Than Proactive When It Comes to Cybersecurity, KLAS, AHA, Censinet Find
KLAS, AHA, and Censinet released the first iteration of the Healthcare Cybersecurity Benchmarking Study, highlighting the areas in which healthcare cybersecurity is maturing and where there is room for growth. Continue Reading
By- Jill McKeon, Associate Editor
-
News
25 Apr 2023
SEO Poisoning, Cobalt Strike Abuse, Emotet Continue to Threaten Healthcare Cybersecurity
BlackBerry’s quarterly Global Threat Intelligence Report shed light on recent cyberattack tactics used against healthcare, including SEO poisoning and Cobalt Strike abuse. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Apr 2023
1 in 5 Connected Medical Devices Run On Unsupported Operating Systems
What’s more, nearly 40 percent of analyzed nurse call systems had critical severity unpatched vulnerabilities, Armis found. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Apr 2023
Threat Actors Deviate From Common Tactics in Global Cyberattacks, Mandiant Observes
Persistent adversaries are willing to stray from their tried-and-true cyberattack methods in order to target victim organizations, Mandiant noted in its M-Trends 2023 report. Continue Reading
By- Jill McKeon, Associate Editor
-
News
20 Apr 2023
Quantifying the Financial Impact of Healthcare Ransomware Attacks
Organizations in the healthcare, manufacturing, and utilities sectors may have up to 30% of their operating income at risk in the aftermath of a ransomware attack on average, ThreatConnect found. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
19 Apr 2023
3 Best Practices For Maturing Healthcare Third-Party Risk Management
Panelists discussed top third-party risk management challenges and best practices at the HealthITSecurity Virtual Summit. Continue Reading
By- Jill McKeon, Associate Editor
-
News
18 Apr 2023
CISA Reveals Enhanced Zero Trust Maturity Model
The updated Zero Trust Maturity Model features five adaptable pillars, facilitating gradual progress towards optimized zero trust architecture for organizations. Continue Reading
By- Sarai Rodriguez
-
News
18 Apr 2023
55% of Surveyed Healthcare Workers Believe Security Policies Keep Up With New Tech
Nearly a quarter of surveyed healthcare workers reported thinking that generative AI tools are safe to use at work, but just 55% of respondents agreed that their organization’s security policies were keeping up with new tools and technologies. Continue Reading
By- Jill McKeon, Associate Editor