According to the National Vulnerability Database, 18,353 vulnerabilities were reported in 2020. That’s nearly three times the volume of vulnerabilities reported five years ago, and higher than any year in the previous two decades. Given the rise in connected devices, this increase is not entirely unexpected. If that’s the case, shouldn’t we be seeing more vulnerability disclosures related to medical devices? The U.S. Department of Homeland Security Cybersecurity and Infrastructure
Read More
Escalating Cyberattacks on Healthcare Organizations Highlight Need for Security Interventions
Healthcare organizations have faced continual stress from heavy COVID-19 caseloads in 2020. Cyberattacks on their information networks also loomed as a serious threat, and the pressure to protect data is expected to grow this year, as more criminals target healthcare providers. Protecting patient data from unauthorized access has long been a regulatory prerequisite for healthcare organizations. But increasingly, cybercriminals see profit potential in attacking and crippling their networks,
Read More
Death by Ransomware: Poor Healthcare Cybersecurity
If hackers attack your organization and you’re in an industry such as financial services, engineering, or manufacturing your risks are mostly monetary. But when it comes to healthcare cybersecurity, not only is there significant financial jeopardy, people’s health and wellbeing are also at risk so the stakes are much, much higher. According to the Department of Health and Human Services, there has been an almost 50 percent increase in healthcare cybersecurity data breaches between February
Read More
COVID-19 Exposed The True Vulnerability of Healthcare Infrastructure
In 2019, 41 million patient records breached in 572 reported incidents at an average cost of $1.8 million per breach. These statistics are far from surprising with healthcare records selling for a reported average of $45 on the dark web. Unfortunately, the year 2020 aggravated these issues as COVID-19 exposed the true vulnerability of the healthcare infrastructure. Organizations not only had to manage the medical and financial impacts of the pandemic but also the security risks inherent in the
Read More
How Hackers Are Targeting COVID-19 Vaccine Distribution Chains – Q/A
With the US and other major countries poised to begin national
distribution of multiple FDA-approved COVID-19 vaccines, the cybersecurity threats
to secure COVID19
vaccine distribution is imminent. Earlier this month, IBM released a report on malicious cyber actors targeting
the COVID-19 cold chain—an integral part of delivering and storing a vaccine at
safe temperatures. Impersonating a biomedical company, cyber actors are sending phishing and spear-phishing emails to executives and global
Read More
New Attacks, Regulations, and Stakes Call for New Security Strategies
The amount of data generated by the healthcare industry is staggering—and constantly increasing. Healthcare data encompasses the personal information of patients, doctors, nurses, and administrators. It includes diagnostic information, test results, ultrasound images, x-ray images, and of course insurance and financial information. With so much sensitive patient information there for the taking, it comes as little surprise that the healthcare industry—perhaps more than any other sector—has
Read More
5 Critical Considerations for Patient Privacy in Telehealth
The COVID-19 pandemic has had a tremendous ripple effect across all industries, with one of the most impacted being healthcare. Providers have had to quickly adapt to supporting patients ‘virtually’ in a secure manner, while simultaneously developing procedures to support accurate reporting to government organizations. These changes have placed added pressure on security and privacy professionals, as they struggle to keep up with urgent demand. Mature healthcare organizations already have
Read More
Cybersecurity: Managing Risk in the COVID-19 Era
Healthcare IT consultants’ work involving health records may expose them – and their provider and payer clients – to regulatory, legal, financial, and reputational risk. These risks are potentially higher in the COVID-19 era, with many of their employees working from home and accessing sensitive records and networks from remote locations. According to the US Department of Homeland Security (DHS), there is a heightened risk of phishing, SMS phishing and other attacks using COVID-19 themes, and
Read More
5 Common Types of COVID-19 Grey Market Scams for Hospitals to Avoid
What You Should Know: - Scammers may be trafficking counterfeit or faulty protective equipment (PPE) during COVID-19 in what is now known as the “grey market.” - Premier outlines five common types of COVID-19 grey market scams for hospitals to avoid and key best practices to avoid them as hospital brace for the surge in COVID-19 patients. Healthcare providers are working around the clock to safely
care for patients during the COVID-19 pandemic,
and the last thing they need to
Read More
COVID-19: Best Practices to Safeguard Organizations from Cybercriminals
While we may consider health largely a private concern in the United States, our nation depends on the continuity and availability of its healthcare system in a very public way, as evidenced by the current coronavirus outbreak. Our critical healthcare infrastructure is vulnerable at this time, no doubt, but it truly has been inspiring to see doctors, scientists, and other industry professionals from around the world come together to stop the spread of COVID-19. To fend off exploitative
Read More
