Cybersecurity strategies
The healthcare sector faces a variety of cyberthreats, but experts are constantly working to provide organizations with reliable cybersecurity strategies to address them. Learn about the latest tactics for tackling cyber risk, with efforts led by security practitioners, federal agencies and leading cybersecurity companies.
Top Stories
-
Feature
19 Dec 2024
Top healthcare cybersecurity, privacy predictions for 2025
Healthcare cybersecurity and privacy experts predict a renewed focus on cyber-resilience, advancements in AI and additional privacy legislation going into 2025. Continue Reading
By- Jill McKeon, Associate Editor
-
News
25 Nov 2024
KLAS: Security consulting firms step up as threats rise
Clients of several top security consulting firms reported high satisfaction rates amid an uptick in cyberthreats across the healthcare sector. Continue Reading
By- Jill McKeon, Associate Editor
-
News
14 May 2020
DHS CISA, FBI Reveal The Top Exploited Vulnerabilities Since 2016
Organizations are being urged to prioritize patching and mitigation tactics for the top 10 exploited vulnerabilities between 2016 and 2019, and the three most exploited flaws from 2020, so far. Continue Reading
By- Jessica Davis
-
News
13 May 2020
DHS CISA, FBI Warn Chinese Hackers Targeting COVID-19 Research Firms
A joint alert from DHS CISA and the FBI warns hackers tied to the People’s Republic of China are targeting and compromising the networks of research facilities working on the COVID-19 response. Continue Reading
By- Jessica Davis
-
News
12 May 2020
Feds Alert to New North Korean Malware Threats, Mitigation Tactics
DHS CISA, the FBI, and DOD are urging organizations to review insights into three recent malware variants tied to North Korea and recommended mitigation techniques to bolster defenses. Continue Reading
By- Jessica Davis
-
Answer
07 May 2020
Ransomware Success Declines Amid COVID-19, But Resurgence is Likely
While hackers have continued to target providers amid the pandemic, the number of successful attacks is in decline. But healthcare should plan now for the inevitable resurgence. Continue Reading
By- Jessica Davis
-
News
07 May 2020
OCR Shares COVID-19 Privacy and Security Threat Resources
In response to the increase in COVID-19-related cyber threats, OCR released a list of privacy and security resources to help providers bolster their defenses and prevent HIPAA violations. Continue Reading
By- Jessica Davis
-
News
05 May 2020
APT Hackers Targeting Healthcare, Essential Services Amid COVID-19
A new joint alert from DHS CISA and UK NSCS warns advanced persistent threat (APT) hacking groups are exploiting the COVID-19 pandemic to target healthcare providers and other essential services. Continue Reading
By- Jessica Davis
-
News
04 May 2020
Ransomware Causes 15 Days of EHR Downtime, as Payments Avg $111K
Driven by the notorious Sodinokibi and Ryuk variants, the average ransomware payment demand surged to $111,000, on average, according to Coveware’s quarterly ransomware incident report. Continue Reading
By- Jessica Davis
-
News
30 Apr 2020
COVID-19 Remote Work Causes Spike in Brute-Force RDP Cyberattacks
Kaspersky detected a rapid increase in brute-force hacking attempts against the remote desktop protocol (RDP), given the record number of remote workforce amid the COVID-19 crisis. Continue Reading
By- Jessica Davis
-
News
29 Apr 2020
Microsoft: COVID-19 Fueling Human-Operated Ransomware Deployments
In the last two weeks, Microsoft has seen a surge in the volume of ransomware attacks against healthcare; but the human-operated attacks likely began months before deploying the malware. Continue Reading
By- Jessica Davis
-
News
28 Apr 2020
NSA Shares Cybersecurity Guidance, Assessments for COVID-19 Telework
New guidance from the National Security Agency (NSA) is designed to help organizations assess and compare collaboration tools used for remote work during the COVID-19 pandemic. Continue Reading
By- Jessica Davis
-
News
27 Apr 2020
New COVID-19 Phishing Campaigns Target Zoom, Skype User Credentials
Researchers have discovered two new phishing campaigns targeting user credentials for both Skype and Zoom, amid the spike in remote work tied to the COVID-19 pandemic. Continue Reading
By- Jessica Davis
-
News
24 Apr 2020
WHO Reports COVID-19 Spurs Rapid Rise in Cyberattacks Against Staff
Days after a report revealed a leak of hundreds of active WHO credentials, officials say they've seen a dramatic increase in cyberattacks against its staff and email scams targeting the public. Continue Reading
By- Jessica Davis
-
News
23 Apr 2020
NSA Shares Guide to Web Shell, Malware Vulnerabilities, Mitigation
A joint advisory from NSA and the Australian Signals Directorate reveals the common vulnerabilities exploited by hackers to plant web shell malware and mitigation techniques. Continue Reading
By- Jessica Davis
-
News
22 Apr 2020
Sens. to DHS CISA: Issue COVID-19 Cyber Threat Guidance for Healthcare
Given the steady increase in COVID-19 cyber threats, a group of Senators are asking DHS CISA and its partners to develop and issue cybersecurity guidance for the healthcare sector. Continue Reading
By- Jessica Davis
-
News
22 Apr 2020
Cybercriminals Targeting US Providers with COVID-19 Phishing Attacks
The FBI is warning medical providers that cybercriminals are targeting the healthcare sector with targeted email phishing attacks, exploiting fear about the COVID-19 pandemic. Continue Reading
By- Jessica Davis
-
News
20 Apr 2020
Google Blocks 18M Daily COVID-19-Related Phishing Emails
Hackers are continuing to use the COVID-19 pandemic to target users, with Google blocking 18 million phishing emails related to the Coronavirus last week. Continue Reading
By- Jessica Davis
-
News
17 Apr 2020
DHS Warns Hackers Compromising Patched VPNs with Stolen Credentials
Organizations that have patched vulnerable Pulse Secure VPNs are still being compromised, due to hackers leveraging stolen credentials to access internal networks, DHS CISA warns. Continue Reading
By- Jessica Davis
-
News
16 Apr 2020
Threat Actors Targeting Hospitals with Double Extortion Ransomware
Check Point finds hospitals and other providers are being targeted with double extortion, where hackers first extract large troves of data before deploying the ransomware to pressure victims. Continue Reading
By- Jessica Davis
-
News
16 Apr 2020
AMA, AHA Share COVID-19 Telework Guidance for Hospitals, Providers
Given the rapid increase in telework and a spike in cyber threats related to COVID-19, AMA and AHA released joint cybersecurity guidance to protect hospital and provider networks. Continue Reading
By- Jessica Davis
-
News
15 Apr 2020
Microsoft Patches 3 Zero-Day Exploits, Delays Some End-of-Support
Microsoft patched three zero-day exploits and announced COVID-19-related support for organizations by delaying some end-of-support and giving providers free access to its AccountGuard. Continue Reading
By- Jessica Davis
-
News
15 Apr 2020
FBI Alerts to BEC Scams Targeting COVID-19 PPE Supply Procurement
Hackers are targeting those attempting to buy personal protective equipment (PPE) and other COVID-19-related medical supplies with business email compromise (BEC) scams, FBI warns. Continue Reading
By- Jessica Davis
-
News
14 Apr 2020
Hackers Favor Small Hospitals, Health Centers as Ransomware Targets
Small hospitals and healthcare centers are prime ransomware attack targets, as hackers see an increased likelihood these providers will pay the ransom demand to prevent care disruption. Continue Reading
By- Jessica Davis
-
News
09 Apr 2020
Hackers, APTs Exploiting COVID-19 with Phishing Attacks, Fraud Schemes
In a rare joint alert, US and UK Federal cyber agencies are warning hackers are taking advantage of the COVID-19 pandemic and increased remote work with phishing attacks and fraud schemes. Continue Reading
By- Jessica Davis
-
News
08 Apr 2020
Zoom Enacts CISO Advisory Board, as COVID-19 Fuels Privacy Issues
Following reports of privacy incidents and vulnerabilities, an investor has filed a lawsuit against Zoom. In response, the videoconferencing platform instated a CISO Advisory Board. Continue Reading
By- Jessica Davis
-
News
07 Apr 2020
82% of Vulnerable Microsoft Exchange Servers Remain Unpatched
Weeks after DHS CISA warned hackers are targeting a critical vulnerability found in Microsoft Exchange servers, new research shows 80 percent of these flawed devices remain unpatched. Continue Reading
By- Jessica Davis
-
News
07 Apr 2020
COVID-19 Business Email Compromise Schemes, Ransomware Escalating
The FBI expects business email compromise schemes tied to the COVID-19 pandemic will rise in the coming weeks, as Interpol reports a spike in ransomware attacks on healthcare providers. Continue Reading
By- Jessica Davis
-
News
02 Apr 2020
Zoom to Halt Feature Development to Bolster Privacy, Security for COVID-19
After reports found serious privacy and security issues in Zoom, the videoconferencing platform will stop feature development to improve its posture given the rapid increase in users from the COVID-19 pandemic. Continue Reading
By- Jessica Davis
-
News
02 Apr 2020
Brute-Force Hacking Campaign Targets Microsoft SQL Servers
An ongoing hacking campaign is targeting vulnerable Microsoft SQL servers with brute-force attacks to deploy backdoors and install cryptomining software and remote access trojans. Continue Reading
By- Jessica Davis
-
News
01 Apr 2020
Microsoft Shares Health Sector COVID-19 Ransomware Insights
Human-operated ransomware hackers are using the COVID-19 pandemic to their advantage. In response, Microsoft shares healthcare-specific security considerations to strengthen defenses. Continue Reading
By- Jessica Davis
-
News
31 Mar 2020
FBI Again Alerts to Kwampirs Malware Supply Chain Cyberattacks
An Advanced Persistent Threat actor is leveraging the Kwampirs Remote Access Trojan malware in targeted cyberattacks, including a significant amount in the healthcare sector, the FBI warns. Continue Reading
By- Jessica Davis
-
News
30 Mar 2020
NIST Shares Cyber Risk Management, Mobile Guides; Impact Analysis Tool
NIST released several updates and draft frameworks around enterprise risk management and cybersecurity, and mobile device security, as well as a supply chain impact analysis tool. Continue Reading
By- Jessica Davis
-
News
27 Mar 2020
COVID-19 Cyber Threats: Hackers Target DNS Routers, Remote Work
Europol warns hackers are increasing targeting of remote workers and the healthcare sector, as researchers show a drastic rise in COVID-19 phishing and DNS Hijacking attacks. Continue Reading
By- Jessica Davis
-
News
26 Mar 2020
Microsoft Warns Hackers Targeting Unpatched RCE Windows Flaws
Two zero-day exploits found in Windows platforms are being actively targeted by hackers; a successful remote code execution could allow a hacker to take control of the affected device. Continue Reading
By- Jessica Davis
-
Feature
26 Mar 2020
Can Multi-Factor Authentication Help Healthcare’s Security Posture?
Multi-factor authentication blocks nearly all automated cyberattacks, and most compromised accounts didn’t use the tech. Healthcare’s security posture is in need of improvement. Continue Reading
By- Jessica Davis
-
News
24 Mar 2020
Coronavirus Fraud Schemes Surge, as FBI, HHS OIG Advise Cyber Hygiene
Organizations and individuals are being urged to report COVID-19 fraud schemes to DOJ, as the FBI and HHS OIG warn hackers are increasingly targeting users during the Coronavirus pandemic. Continue Reading
By- Jessica Davis
-
News
19 Mar 2020
Security Firms Offer Ransomware, Security Assistance During COVID-19
Healthcare providers combating the Coronavirus are being offered ransomware assistance and other security tools to ensure care continuity during the pandemic. Continue Reading
By- Jessica Davis
-
News
18 Mar 2020
OCR Shares COVID-19 Cyber Scam Advice, as Hackers Impersonate WHO
Hackers are taking advantage of the COVID-19 outbreak by impersonating WHO in coronavirus phishing campaigns. In response, OCR urges providers to review DHS cyber scam advice. Continue Reading
By- Jessica Davis
-
News
18 Mar 2020
DHS Urges VPN Cybersecurity Best Practices in Light of COVID-19
Organizations must heighten VPN cybersecurity best practices, as hackers ramp up targeting of these vulnerable connections during the COVID-19, or Coronavirus pandemic, DHS warns. Continue Reading
By- Jessica Davis
-
News
17 Mar 2020
As HHS Responds to Coronavirus, Network Targeted by Cyberattack
The HHS network was bombarded with millions of hits late Sunday night, in an apparent attempt to undermine the agency’s coronavirus response; a foreign threat actor is suspected. Continue Reading
By- Jessica Davis
-
News
12 Mar 2020
Microsoft Alerts to Critical SMB Remote Code Flaw, Issues Patch
The tech giant is recommending organizations disable the SMBv3 compression, after inadvertently disclosing a critical remote code vulnerability on Patch Tuesday; Microsoft just issued a patch. Continue Reading
By- Jessica Davis
-
News
12 Mar 2020
DHS Warns APT Attackers Exploiting Microsoft Exchange Server Flaw
Multiple APT hacking groups are actively targeting unpatched Microsoft exchange server flaws, DHS warns; if successful, an attacker could remotely install code with elevated privileges. Continue Reading
By- Jessica Davis
-
News
11 Mar 2020
HSCC Shares Best Practice Cyber Threat Information Sharing Guidance
Best practice guidance from HSCC sheds light on ways healthcare organizations can establish and manage cyber threat information sharing programs to reduce overall risk. Continue Reading
By- Jessica Davis
-
News
11 Mar 2020
90% Hospitals, Health Systems Faced Email-Based Cyberattack in 2019
Mimecast and HIMSS Media say hospitals and health systems are failing to prioritize employee security awareness training, as 90 percent experienced an email-related cyberattack in the last year. Continue Reading
By- Jessica Davis
-
News
10 Mar 2020
New Phishing Campaign Targets Health, Pharma with HIV Test Results
Proofpoint researchers observed hackers targeting healthcare, pharma, and insurance companies with a new phishing campaign that sends out fake HIV test results as an emotional lure. Continue Reading
By- Jessica Davis
-
News
09 Mar 2020
Ransomware Attacks on Healthcare Providers Rose 350% in Q4 2019
A Corvus analysis reveals the vast majority of ransomware attacks on healthcare providers stem from phishing incidents, as attacks jumped a whopping 350 percent in the last quarter of 2019. Continue Reading
By- Jessica Davis
-
News
06 Mar 2020
Microsoft Shares Preventable Human-Operated Ransomware Insights
One of the most significant cyberattack trends today, human-operated ransomware attacks are entirely preventable, Microsoft says; hackers prey on vulnerabilities to deploy payloads. Continue Reading
By- Jessica Davis
-
News
05 Mar 2020
87% Health Orgs Lack Security Personnel for Effective Cyber Posture
More than half of health organizations faced cyberattacks that caused $1.8 million in damages, as the majority of security leaders say they lack the needed personnel for an effective security posture. Continue Reading
By- Jessica Davis
-
News
05 Mar 2020
FDA Warns Medical Device Bluetooth Security Flaw Could Disrupt Function
The security flaw dubbed SweynTooth impacts a range of medical devices with Bluetooth Low Energy and could allow a hacker to remotely crash the device or access its data, the FDA warns. Continue Reading
By- Jessica Davis
-
News
28 Feb 2020
NIST Shares Workforce Development, Cybersecurity Partnership Insights
A NIST report sheds light into a recent pilot program for regional alliances and stakeholder partnerships, which outlines a roadmap for building similar cybersecurity partnerships and workforce. Continue Reading
By- Jessica Davis
-
Answer
27 Feb 2020
Vendor Management Needed in Light of NRC Health Ransomware Attack
CynergisTek’s David Holtzman dives into vendor management priorities for providers in light of recent third-party vendor breaches with potentially serious consequences, like the NRC Health ransomware attack. Continue Reading
By- Jessica Davis
-
News
25 Feb 2020
Healthcare Providers Overconfident in Data Sharing Controls, Security
Healthcare providers received the worst marks for controlling data ROT, or redundant, obsolete, and trivial files, as well as data sharing controls and security, among all other sectors. Continue Reading
By- Jessica Davis
-
News
25 Feb 2020
IT Security Leaders Engage in Risky Security, Password Habits
A recent report from Yubico shows IT security leaders are routinely engaging in risky authentication practices, with 35 percent failing to change password management after a cyberattack. Continue Reading
By- Jessica Davis
-
News
19 Feb 2020
45% Connected Medical Devices Vulnerable to BlueKeep Exploit
One in 10 devices on a hospital network are medical devices. CyberMDX finds these vulnerable systems are at risk of being targeted by hackers -- including exploit from BlueKeep. Continue Reading
By- Jessica Davis
-
News
18 Feb 2020
Hackensack Meridian Faces Breach Lawsuit After Ransomware Attack
Two patients have filed a lawsuit against Hackensack Meridian Health in New Jersey, after a ransomware attack forced the provider into EHR downtime for two days in December. Continue Reading
By- Jessica Davis
-
News
13 Feb 2020
Ransomware Attacks Cost Healthcare Sector At Least $160M Since 2016
Comparitech researchers assessed ransomware attacks on the healthcare sector since 2016 and found providers have spent at least $160 million in recovery costs and up to months in recovery. Continue Reading
By- Jessica Davis
-
News
12 Feb 2020
FBI: $3.5B Lost to Cybercrime in 2019, Led by Business Email Compromise
Cybercriminals are rapidly improving the sophistication of their attacks. The FBI estimates $3.5 billion was lost to cybercriminals last year; business email compromise caused the most damage. Continue Reading
By- Jessica Davis
-
News
11 Feb 2020
FBI Alerts to Ongoing Targeted Supply-Chain Cyberattacks
Hackers are targeting supply-chain vendors in an effort to install Kwampirs malware, a remote access trojan (RAT) and gain access to the victim’s connected business partners and customers. Continue Reading
By- Jessica Davis
-
News
11 Feb 2020
Hackers Increasing Complex Attacks with Hack Tools, Ransomware
The Malwarebytes Lab 2020 State of Malware Report shows a concerning number of ransomware detections and a rapid rise in hack tools that use unpatched vulnerabilities to breach networks. Continue Reading
By- Jessica Davis
-
News
07 Feb 2020
Cisco Patches Critical Vulnerabilities Impacting Millions of Devices
Armis found five critical vulnerabilities found in the Cisco Delivery Protocol (CDP) that would allow for remote code execution; CDP is found in Cisco’s IP phones, routers, and switches. Continue Reading
By- Jessica Davis
-
News
06 Feb 2020
Insider Breach Remediation Costs Health, Pharma $10.81M Annually
Overall, new research shows healthcare and pharma entities spend $10.81 annually on insider breach remediation. Across all sectors, organizations spend $11.4 to combat insider threats. Continue Reading
By- Jessica Davis
-
News
05 Feb 2020
NIST Shares Cyber Supply Chain Risk Management Guidance
New cyber supply chain risk management guidance from NIST provides organizations with case studies and standards designed to build an effective enterprise program. Continue Reading
By- Jessica Davis
-
News
05 Feb 2020
Medtronic Patches Vulnerabilities in CareLink, Implanted Medical Devices
Medical device giant Medtronic recently issued a set of patches for previously disclosed vulnerabilities found in its CareLink programmers and certain implanted devices. Continue Reading
By- Jessica Davis
-
Answer
04 Feb 2020
Maze Ransomware Hackers Extorting Providers, Posting Stolen Health Data
Soon after the FBI warned that hackers are targeting private sector organizations to encrypt and steal data, Maze ransomware actors are now publicly extorting providers and posting stolen PHI. Continue Reading
By- Jessica Davis
-
News
03 Feb 2020
DHS CISA Warns Hackers Exploiting Unpatched Citrix Servers
Days after Citrix issued final patches for severe vulnerabilities in some of its servers, DHS CISA is warning organizations that hackers are targeting, exploiting organizations that failed to patch the flaw. Continue Reading
By- Jessica Davis
-
News
31 Jan 2020
Meditology Named Best in KLAS for Cybersecurity Advisory Services
KLAS named Meditology Services as the best cybersecurity advisory service vendor, followed closely by tw-Security, namely for customer confidence, loyalty, value, services, and relationship. Continue Reading
By- Jessica Davis
-
News
30 Jan 2020
NIST Shares Draft Guides on Ransomware, Data Integrity Attacks
A pair of draft guides from NIST National Cybersecurity Center of Excellence shed light on ways organizations can better detect, respond, and mitigate ransomware and data integrity attacks. Continue Reading
By- Jessica Davis
-
News
28 Jan 2020
Ransomware, Phishing Attacks Compromised Half US Orgs in 2019
Ransomware and phishing attacks successfully compromised more than half of US organizations last year, with hackers increasing the sophistication of their social engineering attempts. Continue Reading
By- Jessica Davis
-
News
27 Jan 2020
Feds Alert to Critical Vulnerabilities in GE Patient Monitoring Products
Both FDA and DHS CISA are urging healthcare organizations to remediate risks associated with six critical and high severity vulnerabilities found in certain GE patient products. Continue Reading
By- Jessica Davis
-
Answer
24 Jan 2020
Evaluating Cyber Readiness, Vulnerabilities with Pen Testing
Once a healthcare organization has built what it feels is a strong defense and security program, security leaders can look to third-party vendor penetration testing to evaluate its cyber readiness. Continue Reading
By- Jessica Davis
-
News
23 Jan 2020
DHS CISA Alerts to Spike in Emotet Malware Cyberattacks
Days after Proofpoint discovered the destructive malware had reemerged targeting the pharma sector, DHS CISA sent an alert to warn businesses of a spike in targeted Emotet cyberattacks. Continue Reading
By- Jessica Davis
-
News
20 Jan 2020
Emotet Reemerges with Massive Campaign Targeting Pharma Industry
One of the most disruptive hacking groups behind Emotet has returned after a lull around Christmas with a massive targeted campaign aimed at the pharmaceutical industry, Proofpoint says. Continue Reading
By- Jessica Davis
-
News
16 Jan 2020
Evasive Domain-Impersonation Phishing Attacks Increase by 400%
Barracuda says that while the number of domain-impersonation attempts are far fewer than other phishing attacks, the targeted, sophisticated nature makes them costly and tough to detect. Continue Reading
By- Jessica Davis
-
News
15 Jan 2020
NSA Discloses, Urges Patch of Critical Microsoft Windows 10 Vulnerability
In a rare move, the National Security Agency (NSA) shared its discovery of a critical vulnerability in Microsoft Windows 10 that may allow remote exploitation to steal sensitive data or install malware. Continue Reading
By- Jessica Davis
-
News
14 Jan 2020
Enloe Medical Remains in EHR Downtime 2 Weeks After Cyberattack
On Jan. 2, Enloe Medical Center in California was hit with a ransomware attack, which has forced the provider to operate under EHR downtime procedures for more than two weeks. Continue Reading
By- Jessica Davis
-
Answer
13 Jan 2020
Cybersecurity Impact of Microsoft’s End to Windows 2007 Support
Microsoft is ending support for Windows 2007 and two legacy platforms on Jan 14, which CynergisTek’s Clyde Hewitt says will rapidly increase cybersecurity risks to the healthcare sector. Continue Reading
By- Jessica Davis
-
News
13 Jan 2020
Feds Alert to Ongoing Cyberattacks on Unpatched Pulse VPN Servers
In April, Pulse Secure released patches for a flaw found in its VPN servers, which were being exploited to distribute malware. But some clients failed to secure the vulnerability and are at risk of cyberattacks. Continue Reading
By- Jessica Davis
-
News
10 Jan 2020
DHS Alerts to Citrix Server Vulnerabilities, Urges Remediation
DHS is urging companies to secure vulnerabilities found in certain Citrix servers that could be actively exploited by a hacker to run malicious code; security researchers are seeing an increase in scans seeking the flaw. Continue Reading
By- Jessica Davis
-
Answer
08 Jan 2020
Is Healthcare Prepared to Respond to Cyber Threats Beyond Ransomware?
DHS alerts on increasing cyber threats from Iran and healthcare struggles with ransomware reveal providers need better recovery plans to prepare for the next wave of cyberattacks. Continue Reading
By- Jessica Davis
-
News
07 Jan 2020
FBI Alerts to Rise in Maze Ransomware, Extortion Attempts
Hackers leveraging Maze ransomware are posing as legitimate security vendors and government agencies to steal and encrypt data for potential extortion attempts. Continue Reading
By- Jessica Davis
-
News
06 Jan 2020
LifeLabs Hit With Several Lawsuits Over Data Breach of 15M Patients
In December, the Canadian testing giant reported it paid cybercriminals to retrieve the data of 15 million patients; those breach victims have filed several lawsuits, claiming failure to adequately secure data. Continue Reading
By- Jessica Davis
-
News
03 Jan 2020
Cyber Threats Behind the Biggest Healthcare Data Breaches of 2019
Ransomware saw a resurgence in 2019, which disrupted patient care across the US. But third-party vendor breaches and phishing caused some of the largest healthcare data breaches of 2019. Continue Reading
By- Jessica Davis
-
News
02 Jan 2020
Georgia Revives Patient Breach Lawsuit Against Athens Orthopedic
The Supreme Court of Georgia unanimously agreed to revive a patient breach lawsuit against Athens Orthopedic Clinic for a June 2016 data hack and extortion allegedly by notorious "thedarkoverlord." Continue Reading
By- Jessica Davis
-
News
02 Jan 2020
DCH Health Faces Federal Lawsuit After 10-Day Ransomware Attack
Patients impacted by the 10-day EHR downtime at DCH Health in Alabama have filed a class-action lawsuit, claiming a ransomware attack on the three hospitals disrupted their medical care. Continue Reading
By- Jessica Davis
-
News
16 Dec 2019
3 Health IT Standards Driving Healthcare Interoperability in the US
Direct, FHIR, and cloud fax help healthcare organizations share information and are paving the path to semantic interoperability. Continue Reading
By- J2 Global
-
News
02 Dec 2019
Minimize Costs and Complexity With AI-Powered Identity Management
Healthcare organizations have access to volumes of data, but artificial intelligence can help improve identity management and achieve ROI. Continue Reading
By- SailPoint
-
News
19 Nov 2019
Number of Exposed PACS Medical Images Increasing, US Biggest Culprit
Researchers from Germany’s Greenbone Networks have seen a 60 percent increased in the number of PACS medical archive images left exposed online, with US patients most affected by the breach. Continue Reading
By- Jessica Davis
-
Feature
04 Oct 2019
Filling Healthcare Security Staffing Gaps with Virtual CISOs, Students
Over half of organizations still do not have a designated security leader; transitioning internships and virtual CISOs can fill some of those healthcare security staffing gaps. Continue Reading
By- Jessica Davis
-
News
09 Sep 2019
HSCC Shares Resource on Threat Information Sharing Organizations
HSCC released a new inventory of national information sharing organizations and key services, designed to help healthcare providers begin the shift into these crucial cybersecurity programs. Continue Reading
By- Jessica Davis
-
News
05 Aug 2019
Securing the Present and Future of Health IT Infrastructure
New approaches to health IT infrastructure bring with them novel threats to essential systems and sensitive data, signaling the need to modernize health data security efforts. Continue Reading
By- SailPoint
-
News
21 Mar 2019
UCLA Health Reaches $7.5M Settlement Over 2015 Breach of 4.5M
The settlement resolves claims around UCLA Health’s May 2015 health data breach of 4.5 million patient records, caused by a year-long hack on its network. Continue Reading
By- Jessica Davis
-
Feature
05 Feb 2019
What Is Cyber Insurance for Healthcare Organizations?
In the wake of recent data breaches, healthcare organizations are turning to cyber insurance to offset some of the costs. Here’s what they need to understand about assessing insurers and policies to ensure adequate coverage. Continue Reading
By- Jessica Davis
-
News
10 Jan 2019
Massive SingHealth Data Breach Caused by Lack of Basic Security
The lessons learned from Singapore’s breach serve as a reality check to U.S. health organizations still failing to educate users, apply patches, and other common security methods. Continue Reading
By- Jessica Davis
-
News
29 Oct 2018
Medical Devices and Other Endpoints Offer Attractive Targets to Attackers
Medical devices, mobile devices, and other endpoints offer attackers attractive targets that healthcare organizations need to secure to protect PHI and other sensitive assets. Continue Reading
By- Insight
-
News
02 Oct 2018
FDA Unveils MITRE’s Medical Device Security Playbook
The FDA released Oct. 1 a medical device security playbook it developed with MITRE to advise healthcare organizations on securing their medical equipment. Continue Reading
By- Fred Donovan
-
News
17 Sep 2018
Best Practices for Providers to Secure Patient Data
Increased vigilance, security best practices, and the right technology can help healthcare organizations secure patient data and stay one step ahead of cybercriminals. Continue Reading
By- Insight
-
Feature
08 Jun 2018
Perils of Healthcare Phishing and What You Can Do About It
Healthcare phishing is a real danger to everyone in healthcare. In fact, phishing has become the preferred method for hackers to breach healthcare organizations to steal valuable medical data and/or deploy ransomware. Continue Reading
By- Fred Donovan
-
Feature
04 May 2018
Defending Against Healthcare Ransomware Attacks
Healthcare ransomware attacks have become a security nightmare for many organizations over the last couple of years. Here's what you can do to lessen their impact on your organization. Continue Reading
By- Fred Donovan
-
News
29 Jul 2016
Preparing Against Current Healthcare Cybersecurity Threats
Healthcare cybersecurity threats are continuously evolving, and covered entities need to ensure that they are implementing necessary and applicable security measures. Continue Reading
By- Darrin Haehle of Wonderbox Technologies
-
News
11 Jul 2016
Should a Health Information Exchange Be Opt-In or Opt-Out?
Opt-in and opt-out policies both have pros and cons that providers must understand to determine which is ultimately better for their health information exchange. Continue Reading
By- Sara Heath, Executive Editor
-
Feature
03 Jun 2016
How Ransomware Affects Hospital Data Security
Healthcare ransomware is quickly becoming an industry buzzword, but what is it exactly and how can organizations improve their hospital data security? Continue Reading
By- Elizabeth Snell