The healthcare sector is plagued by increasingly complex cyberthreats, and simply meeting compliance standards is not doing enough to protect sensitive healthcare data, according to Christopher Frenz, assistant vice president of IT security at Mount Sinai South Nassau.
John F. Banghart has spent 30 years in cybersecurity, and he appreciates the importance of creative thinking, upskilling and collaboration. Looking back on the Heartbleed vulnerability, Banghart said the incident demonstrates the need to address software supply chain risks causing problems today.
Authentication requiring stored credentials is not only vulnerable to phishing and other compromises, but using these credentials can also be cumbersome for busy clinicians, said Tina Srivastava, co-founder of Badge, a provider of deviceless, tokenless authentication technology.
Rural and small hospitals and other healthcare providers often complain that a lack of resources is a major factor stunting their cybersecurity maturity. But even when offered free or discounted cyber assistance, many of these organizations aren't signing up.
George Chacko, executive director of information security and compliance at New York Blood Center, shares his journey in cybersecurity, the challenges for nonprofit organizations with limited budgets and resources, and collaborative initiatives to improve security programs.
An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.
Healthcare organizations often face obstacles in sharing cybersecurity information. Phil Englert and Errol Weiss from Health-ISAC advocate for shifting the focus from legal risks to business risks, improving incident response and building resilience through collaboration and transparency.
A Louisiana-based ambulance company that provides emergency medical care services in four states is notifying nearly 3 million people that their sensitive health information was potentially stolen in a June hack. Ransomware gang Daixin claims to have published the data on its dark web leak site.
Texas Attorney General Ken Paxton is suing the Biden administration, alleging that "unlawful" HIPAA Privacy Rule regulations are hindering the state's law enforcement investigations into abortion cases and other reproductive health care cases.
Federal authorities are alerting healthcare entities of vulnerabilities - including older flaws - that put Apache Tomcat at risk for attacks if left unmitigated. The open-source web server is heavily used in healthcare for hosting electronic health record and other systems and applications.
Planned Parenthood of Montana, which provides patients with reproductive healthcare services including birth control and abortion, is responding to a hack and a threat by cybercriminal group RansomHub to leak 93 gigabytes of data allegedly stolen from the organization.
The Department of Health and Human Services has dropped its appeal of a recent federal court decision saying that HHS exceeded its authority in warning HIPAA-regulated entities that it's unlawful to use online tracking tools to capture certain identifiers in user visits to health-related websites.
Organizations face a surge in sophisticated DDoS attacks, and advanced techniques are making traditional defenses obsolete. Neal Quinn, head of cloud security services business, North America, at Radware, discusses how automated solutions and real-time threat intelligence can address these issues.
Critical infrastructure encompasses the essential services and assets vital to the functioning of society and the economy. Specializing in security in this field requires a deep understanding of the challenges and threats facing sectors such as energy, transportation, healthcare and water systems.
A vendor that provides information systems and transcription services to radiology practices is alerting 411,037 people of a hack discovered last December involving the theft of sensitive data. The firm already faces at least four proposed federal class action lawsuits related to the hack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.