Cybersecurity strategies
The healthcare sector faces a variety of cyberthreats, but experts are constantly working to provide organizations with reliable cybersecurity strategies to address them. Learn about the latest tactics for tackling cyber risk, with efforts led by security practitioners, federal agencies and leading cybersecurity companies.
Top Stories
-
Podcast
23 Sep 2024
Implementing cyber hygiene best practices in healthcare
Applying best practices for cyber hygiene and employee security training can help healthcare organizations effectively mitigate cyber-risk. Continue Reading
By- Jill McKeon, Associate Editor
-
Tip
04 Sep 2024
Microsoft Purview Audit helps IT flush out bad behavior
The auditing tool gives enterprises a way to find problems by examining logs from Microsoft 365 cloud services, such as Exchange Online, to see what actions were taken and where. Continue Reading
By
-
News
16 Mar 2022
DOJ Settles First Case Under Civil Cyber-Fraud Initiative
In the DOJ’s first settlement under the Civil Cyber-Fraud Initiative, Comprehensive Health Services agreed to pay $930,000 to resolve False Claims Act allegations. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Mar 2022
Healthcare Practices Cyber Incident Response Less Than Most Sectors
Research revealed that healthcare and other critical infrastructure sectors conducted cyber incident response exercises far less often than other industries. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Mar 2022
Conti Ransomware Group Continues to Threaten Healthcare
CISA re-released its advisory on Conti ransomware group, which claimed responsibility for at least 16 US healthcare cyberattacks. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Mar 2022
HSCC Focuses On Medical Device Security in New Contract Language Template
HSCC released a contract language template for healthcare organizations to use to ensure medical device security when working with device manufacturers. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Mar 2022
7 New Vulnerabilities Threaten Supply Chain, Medical Device Security
Forescout's Vedere Labs and CyberMDX discovered seven new vulnerabilities in the PTC Axeda agent that could jeopardize supply chain and medical device security. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Mar 2022
HC3 Outlines History of Healthcare Cybersecurity From 1980s to Now
HC3 issued a comprehensive history of major healthcare cybersecurity events spanning from the 1980s to today in order to inform future defense strategies. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Mar 2022
An Investment in Cybersecurity Is an Investment in Patient Care
Cybersecurity must be treated as a top priority for healthcare organizations to ensure their ability to deliver high-quality patient care. Continue Reading
By- SecureLink an Imprivata Company
-
News
04 Mar 2022
BD Discloses Viper, Pyxis Medical Device Vulnerabilities
Becton, Dickinson and Company (BD) disclosed medical device vulnerabilities in its Viper and Pyxis products that allow for the use of hard-coded credentials. Continue Reading
By- Jill McKeon, Associate Editor
-
News
04 Mar 2022
Healthcare IoT, Medical Device Vulnerability Disclosures Skyrocket
Healthcare IoT, IT, and medical device vulnerability disclosures are steadily increasing, demonstrating a need for better ICS security, Claroty found. Continue Reading
By- Jill McKeon, Associate Editor
-
News
02 Mar 2022
75% of Infusion Pumps Contain Known Security Gaps, Report Finds
In 75% of more than 200,000 analyzed infusion pumps, researchers found known security gaps warranting significant medical device security concerns. Continue Reading
By- Jill McKeon, Associate Editor
-
News
02 Mar 2022
Conti, Karma Ransomware Groups Target 1 Healthcare Org Simultaneously
Sophos disclosed an unusual case of two separate ransomware gangs targeting one healthcare organization simultaneously. Continue Reading
By- Jill McKeon, Associate Editor
-
News
01 Mar 2022
Employee Cyber Hygiene Is Critical to Healthcare Cybersecurity
Poor employee cyber hygiene can endanger even the strongest healthcare cybersecurity architectures. Continue Reading
By- Jill McKeon, Associate Editor
-
News
01 Mar 2022
OCR Director Urges Healthcare to Prioritize Cybersecurity This Year
OCR director Lisa J. Pino urged healthcare organizations to prioritize cybersecurity in 2022 as cyberattacks burden the sector. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Feb 2022
Destructive Malware Used to Target Ukraine Poses Threat to Healthcare
HermeticWiper and WhisperGate, destructive malware variants used to target Ukraine, pose an increased threat to healthcare. Continue Reading
By- Jill McKeon, Associate Editor
-
News
25 Feb 2022
NIST Requests Public Comments On Improving Cybersecurity Framework
NIST issued a request for information to gather feedback on improving its Cybersecurity Framework, which serves as the gold standard for managing cyber threats. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Feb 2022
AHA: Russia’s Invasion of Ukraine Could Lead to Healthcare Cyberattacks
Hospitals and health systems should remain on high alert for healthcare cyberattacks now that Russia’s invasion of Ukraine has begun, AHA said. Continue Reading
By- Jill McKeon, Associate Editor
-
News
23 Feb 2022
Log4j Vulnerabilities Put Strain on Overburdened Cybersecurity Workforce
Log4j vulnerabilities have tested organizations worldwide and may continue to have long-term effects on the cybersecurity workforce. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Feb 2022
HHS Warns of EMR, EHR Security Risks
HHS' latest brief emphasized the severity of EMR and EHR security risks and urged organizations to implement technical safeguards. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
17 Feb 2022
AI in Healthcare Presents Need for Security, Privacy Standards
Duke, Mayo Clinic, and DLA Piper are teaming up to ensure that security, privacy, and safety are top-of-mind when implementing AI in healthcare. Continue Reading
By- Jill McKeon, Associate Editor
-
News
16 Feb 2022
CaptureRx to Consider Filing For Bankruptcy if $4.75M Settlement Not Approved
CaptureRx will “strongly consider” filing for bankruptcy if a $4.75 million settlement to resolve data breach mishandling allegations is not approved. Continue Reading
By- Jill McKeon, Associate Editor
-
News
15 Feb 2022
KLAS: Evaluating Top Healthcare IoT Security Vendors
KLAS named Medigate, Ordr, and Armis as top healthcare IoT security vendors, all of which can help organizations manage connected device security risks. Continue Reading
By- Jill McKeon, Associate Editor
-
News
15 Feb 2022
Ransomware Demands, Data Leaks Skyrocketed Last Year
The 2022 CrowdStrike Global Threat Report found an 82% increase in data leaks resulting from ransomware as well as an increase in ransomware demands. Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 Feb 2022
Inmediata Health Reaches $1.13M Settlement After 2019 Data Breach
Inmediata Health Group reached a $1.13 million settlement to resolve a class-action lawsuit that stemmed from a 2019 Data Breach. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 Feb 2022
CISA Observes Increased Critical Infrastructure Ransomware Threats
CISA, the FBI, and the NSA observed ransomware attacks against 14 of the 16 US critical infrastructure sectors last year. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
10 Feb 2022
How to Effectively Communicate Healthcare Cyber Risks to C-Suite Execs
To effectively communicate healthcare cyber risks to C-suite executives, cybersecurity professionals must translate technical jargon into business deliverables. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
10 Feb 2022
Importance of API Security in Healthcare Grows as Cyberattacks Increase
As more organizations rely on APIs to run critical functions, ensuring API security in healthcare is crucial to preventing cyberattacks. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Feb 2022
Critical SAP Vulnerabilities Could Lead To Cyberattacks If Not Patched
Critical SAP vulnerabilities could lead to cyberattacks, data theft, and mission-critical business disruptions, CISA warned. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Feb 2022
FBI, HHS Warn of LockBit 2.0 Ransomware Indicators of Compromise
Following the FBI’s flash alert about LockBit 2.0 ransomware indicators of compromise, HHS warned of the RaaS group’s threat to the healthcare sector. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Feb 2022
Judge Proposes Dismissal of Practicefirst Data Breach Lawsuit
A judge moved to dismiss a data breach lawsuit against medical management company Practicefirst, citing insufficient evidence of actual harm. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Feb 2022
Ireland HSE Cyberattack is a Cautionary Tale For US Healthcare Orgs
HC3 urged US healthcare organizations to learn from the May 2021 Conti cyberattack attack against the Ireland HSE that led to a nationwide IT outage. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
07 Feb 2022
Navigating The Highly Saturated Healthcare Cybersecurity Market
With a highly saturated healthcare cybersecurity market, healthcare organizations may find it difficult to choose vendors and make investment decisions. Continue Reading
By- Jill McKeon, Associate Editor
-
News
02 Feb 2022
Cyber Insurance Does Not Replace Need For Cybersecurity Program
Cyber insurance can help healthcare organizations manage the fallout from cyberattacks, but it does not eliminate the need for a comprehensive cybersecurity program. Continue Reading
By- Jill McKeon, Associate Editor
-
News
01 Feb 2022
BlackMatter Ransomware Group No Longer Active, HC3 Says
BlackMatter ransomware group, which orchestrated cyberattacks against healthcare organizations, appears to have shut down operations. Continue Reading
By- Jill McKeon, Associate Editor
-
News
01 Feb 2022
Healthcare Sector Spearheads SBOM Adoption to Support Cybersecurity
Healthcare is pioneering SBOM adoption due to growing cybersecurity concerns and the FDA’s recent medical device security guidance, the Linux Foundation found. Continue Reading
By- Jill McKeon, Associate Editor
-
News
31 Jan 2022
Unpatched Vulnerabilities Remain Primary Ransomware Attack Vector
Cybercriminals continually look to unpatched vulnerabilities such as Log4j and others as primary ransomware attack vectors. Continue Reading
By- Jill McKeon, Associate Editor
-
News
31 Jan 2022
Cyberattacks Against Health Plans, Business Associates Increase
Cyberattacks against health plans and business associates increased significantly last year, a Critical Insight report found. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Jan 2022
Excellus, BCBSA Reach Settlement Following 2015 Data Breach
Excellus and Blue Cross Blue Shield Association reached a settlement in a class-action lawsuit resulting from a 2015 data breach that impacted 10.5 million people. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Jan 2022
DHS Warns of Potential Russian Cyberattacks on Critical Infrastructure
As tensions mount between the US, Russia, and Ukraine, DHS warned of potential Russian cyberattacks against US critical infrastructure. Continue Reading
By- Jill McKeon, Associate Editor
-
News
26 Jan 2022
Memorial Health Faces Lawsuit After Hive Ransomware Cyberattack
Hive ransomware group claimed responsibility for an August 2021 cyberattack against Memorial Health System, and victims are now demanding answers. Continue Reading
By- Jill McKeon, Associate Editor
-
News
26 Jan 2022
NY Fines EyeMed $600K in Wake of Healthcare Data Breach Impacting 2.1M
EyeMed allegedly failed to implement multi-factor authentication and proper password management, leading to a 2020 healthcare data breach that impacted 2.1M people. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
25 Jan 2022
As Adoption of Edge Computing in Healthcare Grows, So Do Security Needs
Edge computing in healthcare is growing alongside 5G, but organizations should expect to make big investments to ensure edge security. Continue Reading
By- Jill McKeon, Associate Editor
-
Answer
25 Jan 2022
Threat Actors Shift Tactics, Targets As Ransomware Evolves
As ransomware continues to evolve, threat actors are favoring double extortion, RaaS, and software vulnerability exploits. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Jan 2022
HC3: Healthcare Adversaries Are Actively Leveraging Log4j Vulnerabilities
HC3 issued a detailed brief regarding Log4j vulnerabilities, which are being actively exploited by known healthcare adversaries. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Jan 2022
53% of Connected Medical Devices Contain Critical Vulnerabilities
Cynerio also found that 73 percent of IV pumps have a vulnerability that could jeopardize patient safety and privacy if exploited. Continue Reading
By- Jill McKeon, Associate Editor
-
News
21 Jan 2022
Cyberattacks Will Be The Top Health Tech Hazard This Year, ECRI Says
After cyberattacks, ECRI predicted that supply chain problems and damaged infusion pumps are likely to cause issues in the health tech space this year. Continue Reading
By- Jill McKeon, Associate Editor
-
News
20 Jan 2022
CISA: Every Organization in the US is at Risk From Cyber Threats
CISA warned US organizations to remain vigilant and review guidance surrounding Russian state-sponsored cyber threats. Continue Reading
By- Jill McKeon, Associate Editor
-
News
19 Jan 2022
Accellion Settles Class-Action Lawsuit for $8.1M Following Data Breach
Accellion reached an $8.1 million settlement following a 2020 cyberattack that impacted millions of individuals. Continue Reading
By- Jill McKeon, Associate Editor
-
News
18 Jan 2022
Russian Intelligence Agency Arrests REvil Ransomware Gang Members
Russia’s FSB intelligence agency detained multiple individuals associated with the REvil ransomware gang, responsible for the Colonial Pipeline cyberattack. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Jan 2022
BioPlus Specialty Pharmacy Faces Lawsuit Over Healthcare Data Breach
Florida-based BioPlus Specialty Pharmacy allegedly failed to safeguard PII and notify patients of a healthcare data breach that impacted 350K, the lawsuit claimed. Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 Jan 2022
Lasting Effects of Kronos Cyberattack Ripple Through Healthcare
A December cyberattack on HR management solutions provider Kronos is having lasting effects on healthcare workforce management and payroll services. Continue Reading
By- Jill McKeon, Associate Editor
-
News
13 Jan 2022
Cyberattacks Increase Mortality Rates, But Healthcare Is In Denial
At a WEDI conference, Joshua Corman, chief strategist of CISA’s COVID task force, urged the healthcare sector to get realistic about the dismal consequences of cyberattacks. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 Jan 2022
Critical, “Wormable” Microsoft Vulnerability Could Lead to Cyberattacks
The Microsoft HTTP Protocol Stack RCE vulnerability is “wormable,” meaning no human interaction is required for the cyberattack to spread. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 Jan 2022
FBI, CISA, NSA Warn of Russian Cyber Threats to Critical Infrastructure
The FBI, CISA, and the NSA released a joint advisory about Russian state-sponsored cyber threats and urged US critical infrastructure to remain vigilant. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
11 Jan 2022
Adopting Defense In Depth Strategies to Combat Healthcare Cyberattacks
The AHA’s John Riggi and Attivo Networks' Carolyn Crandall share insights on how organizations can navigate current healthcare cyber threats by using defense in depth strategies. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 Jan 2022
Mespinoza, Pysa Ransomware Pose Threat to Healthcare Cybersecurity
HC3 warned the sector of Mespinoza, a cybercriminal group that operates Pysa ransomware and has a history of targeting healthcare entities. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Jan 2022
Microsoft Warns of Continued Log4j Exploitation Attempts
Microsoft observed high rates of Log4j exploitation attempts in the final week of December and warned organizations to remain vigilant. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Jan 2022
CSA Guidance Addresses Security, Privacy Risks of AI in Healthcare
Although experts forecast a promising future for AI in healthcare, security and privacy risks must be considered alongside benefits. Continue Reading
By- Jill McKeon, Associate Editor
-
News
07 Jan 2022
EHR Vendor QRS Faces Lawsuit After Healthcare Cyberattack
The plaintiff argued that the August ransomware attack on EHR vendor QRS, which impacted 320,000 individuals, was the result of inadequate PHI security measures. Continue Reading
By- Jill McKeon, Associate Editor
-
News
30 Dec 2021
HSCA Releases Cybersecurity Guidelines for Medical Device Manufacturers
The Healthcare Supply Chain Association released guidelines for medical device manufacturers and providers regarding cybersecurity and patient privacy. Continue Reading
By- Jill McKeon, Associate Editor
-
News
29 Dec 2021
Security Professionals View Ransomware and Terrorism as Equal Threats
More than half of surveyed security professionals reported viewing ransomware and terrorism as equal threats, echoing the DOJ’s sentiments. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Dec 2021
Industry Experts Team Up to Advance Cybersecurity With AI
The C3.ai Digital Transformation Institute invited industry experts to submit proposals for advancing cybersecurity with AI in order to secure critical infrastructure. Continue Reading
By- Jill McKeon, Associate Editor
-
News
28 Dec 2021
AMA Encourages Health App Developers to Implement “Privacy by Design”
AMA released guidance for health app developers to help them navigate health data governance and equitable digital health data collection. Continue Reading
By- Jill McKeon, Associate Editor
-
News
27 Dec 2021
CISA Warns of 13 Vulnerabilities in Fresenius Kabi Infusion Systems
Successful exploitation of the vulnerabilities in Fresenius Kabi Agilia Connect Infusion Systems could allow for malicious activity and the exposure of sensitive information. Continue Reading
By- Jill McKeon, Associate Editor
-
News
23 Dec 2021
CISA Urges Critical Infrastructure to Prepare For Holiday Cyber Threats
CISA urged critical infrastructure leaders to prepare for the impending holiday cyber threats by increasing organizational vigilance and implementing best practices. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Dec 2021
HHS 405(d) Urges Healthcare Sector to Prioritize Log4j Vulnerability
The Log4j vulnerability poses a serious threat to the healthcare sector, and most legacy systems cannot be patched. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Dec 2021
To Combat Ransomware Attacks, Communication With C-Suite is Essential
A study from (ISC)² shows that C-suite executives are looking for clearer communication and guidance from cybersecurity leaders when it comes to combatting ransomware attacks. Continue Reading
By- Jill McKeon, Associate Editor
-
News
20 Dec 2021
Diagnostic Artificial Intelligence Models Can Be Tricked By Cyberattacks
Researchers discovered that diagnostic artificial intelligence models used to detect cancer were fooled by cyberattacks that falsify medical images. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Dec 2021
NJ Provider Settles Two Healthcare Data Breach Investigations For $425K
Regional Cancer Care Associates will pay $425,000 and adopt new security measures to settle two healthcare data breach investigations. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Dec 2021
39 Ransomware Groups Targeted Healthcare in the Past 18 Months
A dozen ransomware groups targeted healthcare despite making promises to not go after the sector, CyberPeace Institute data revealed. Continue Reading
By- Jill McKeon, Associate Editor
-
News
15 Dec 2021
CISA Warns of Authentication Vulnerabilities in Cardiology Products
Successful exploitation of authentication vulnerabilities in certain Hillrom Welch Allyn cardiology products may allow cybercriminals to access privileged accounts, CISA warned. Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 Dec 2021
Majority of Patients Don’t Trust Healthcare Providers to Handle PII
Less than half of surveyed patients reported trusting their healthcare providers to safeguard their payment and personally identifiable information (PII). Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 Dec 2021
Severe Apache Log4j Vulnerabilities Could Result in Healthcare Cyberattacks
HC3 issued a sector alert regarding severe Apache Log4j vulnerabilities that could result in healthcare cyberattacks if exploited. Continue Reading
By- Jill McKeon, Associate Editor
-
News
13 Dec 2021
Weak Passwords, Poor Cyber Hygiene Invite Healthcare Data Breaches
Preventing healthcare data breaches requires all end-users to practice better password management and cyber hygiene. Continue Reading
By- Jill McKeon, Associate Editor
-
News
13 Dec 2021
Trust in Legacy IT Vendors Drops as Supply Chain Security Issues Increase
As trust in legacy IT vendors declines, supply chain security issues are increasing and organizations are reporting higher ransomware payout demands and extortion fees. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
10 Dec 2021
Why Endpoint Security is Critical For Healthcare Cybersecurity
Endpoint security should be the cornerstone of any healthcare organization’s cybersecurity architecture. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Dec 2021
Workforce Burnout Presents Cybersecurity Risks, Report Finds
People suffering from workforce burnout are more apathetic and lenient about cybersecurity risks and policies, researchers found. Continue Reading
By- Jill McKeon, Associate Editor
-
News
09 Dec 2021
FBI Warns Healthcare of Cuba Ransomware in Latest Flash Alert
Cuba ransomware actors have compromised 49 entities in five critical infrastructure sectors including healthcare, a new FBI flash alert warned. Continue Reading
By- Jill McKeon, Associate Editor
-
News
08 Dec 2021
Sabbath Ransomware Targeting Healthcare, Mandiant Warns
Sabbath ransomware, previously operating as Arcane and Eruption, has been targeting healthcare and critical infrastructure, Mandiant warned. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
07 Dec 2021
Is Killware Really the Next Evolution of Healthcare Ransomware Attacks?
"Killware" may sound more threatening, but traditional, financially motivated cyberattacks are still the biggest risk to healthcare cybersecurity. Continue Reading
By- Jill McKeon, Associate Editor
-
News
06 Dec 2021
HHS Launches New Website to Align Healthcare Cybersecurity
HHS launched a website for the 405(d) Program, which is comprised of a task force focused on aligning healthcare cybersecurity approaches across the sector. Continue Reading
By- Jill McKeon, Associate Editor
-
News
03 Dec 2021
FDA, MITRE, MDIC Create Medical Device Threat Modeling Playbook
MITRE and the Medical Device Innovation Consortium (MDIC) partnered with the FDA to release a playbook for medical device threat modeling. Continue Reading
By- Jill McKeon, Associate Editor
-
News
03 Dec 2021
Tardigrade Malware Poses Unprecedented Threat to Biomanufacturers
Bad actors used Tardigrade malware to target a vaccine biomanufacturing facility, and experts are advising the healthcare sector to stay vigilant. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
01 Dec 2021
Security, Privacy Risks of Artificial Intelligence in Healthcare
As regulatory agencies work to catch up to technological advances, the security and privacy risks of artificial intelligence in healthcare remain. Continue Reading
By- Jill McKeon, Associate Editor
-
News
29 Nov 2021
Patients File Lawsuits in Wake of Healthcare Data Breaches
Some hospitals are successfully putting a stop to lawsuits filed in the wake of healthcare data breaches, claiming a lack of real injury to patients. Continue Reading
By- Jill McKeon, Associate Editor
-
News
29 Nov 2021
H-ISAC Releases CISO Guide for Identity-Centric Data Sharing
H-ISAC released a guide to help CISOs navigate the 21st Century Cures Act by adopting an identity-centric data sharing approach. Continue Reading
By- Jill McKeon, Associate Editor
-
News
24 Nov 2021
Philips Discloses Additional Medical Device Security Vulnerabilities
Philips issued disclosed two new medical device security vulnerabilities impacting patient monitoring and medical device interfacing devices. Continue Reading
By- Jill McKeon, Associate Editor
-
News
23 Nov 2021
CISA Warns Critical Infrastructure of Holiday Ransomware Risks
CISA warned US critical infrastructure entities to stay vigilant against ransomware and other cyber threats during the upcoming holiday. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
23 Nov 2021
Top Healthcare Cybersecurity Challenges, How to Overcome Them
With a multitude of critical data and patient safety hanging in the balance, there is a unique set of healthcare cybersecurity challenges that must be carefully considered. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Nov 2021
Zero-Day Attacks Threaten Healthcare Cybersecurity
Zero-day attacks pose a serious threat to the healthcare sector and can be difficult to mitigate, HC3 warned in its latest threat brief. Continue Reading
By- Jill McKeon, Associate Editor
-
News
22 Nov 2021
32% of Healthcare Organizations Have a Comprehensive Security Program
Core components of a comprehensive security program include regular reporting of security deficiencies and having a designated CISO. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
19 Nov 2021
Using Software Bill of Materials (SBOMs) For Medical Device Security
Software bill of materials (SBOMs) enable healthcare organizations to manage medical device security risks while promoting transparency between manufacturers and providers. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Nov 2021
IoT Security Incidents Increase as Healthcare Leans into Connected Health
IoT security incidents are increasingly common as more healthcare organizations rely on innovative connected health solutions. Continue Reading
By- Jill McKeon, Associate Editor
-
News
17 Nov 2021
CISA: Iranian Government-Sponsored Threat Actors Targeting Healthcare
The US and its allies are warning healthcare entities about Iranian government-sponsored threat actors targeting Microsoft Exchange and Fortinet vulnerabilities. Continue Reading
By- Jill McKeon, Associate Editor
-
News
15 Nov 2021
Insufficient Access Controls Cause Philips MRI Vulnerabilities
Inadequate access controls that fail to restrict access by unauthorized individuals resulted in 3 medium severity Philips MRI vulnerabilities. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 Nov 2021
HC3 Warns of Cobalt Strike Threat to Healthcare Sector
HC3 issued a threat brief warning the healthcare sector of Cobalt Strike, a remote access tool that can be abused to orchestrate a cyberattack. Continue Reading
By- Jill McKeon, Associate Editor
-
News
12 Nov 2021
Researchers Discover 13 Medical Device Security Vulnerabilities
Researchers discovered 13 new medical device Security vulnerabilities stemming from the Siemens Nucleus TCP/IP stack that could enable DoS attacks and exploitation. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 Nov 2021
Best Practices for Responding to Medical Device Security Incidents
A new playbook from the Cloud Security Alliance aims to help organizations balance clinical considerations and patient safety risks with medical device security incidents. Continue Reading
By- Jill McKeon, Associate Editor
-
News
11 Nov 2021
DOJ Charges 2 People Connected to REvil/Sodinokibi Ransomware
The Justice Department charged two individuals and seized $6.1 million in connection with Revil/Sodinokibi ransomware. Continue Reading
By- Jill McKeon, Associate Editor
-
News
10 Nov 2021
Most Patients Unaware of the Magnitude Healthcare Ransomware Attacks
Half of potential patients said they would change hospitals if their provider was hit by a healthcare ransomware attack, but most are unaware of recent attacks. Continue Reading
By- Jill McKeon, Associate Editor
-
Feature
09 Nov 2021
3 Keys to Third-Party Risk Management at WellSpan Health
WellSpan Health’s third-party risk management strategy focuses on assessing vendors, managing employee and non-employee access, and collaborating to mitigate risk. Continue Reading
By- Jill McKeon, Associate Editor