Privacy & Security

Doctor meeting with businesspeople and looking at a tablet

Assess and mitigate your hospital’s cyber risk

05:22 am August 21, 2023

Key takeaways from the HHS hospital cyber resiliency report.

Healthcare workers meeting with large screen in background

Healthcare IT in the multi-cloud era: Are we better off?

05:19 am August 21, 2023

Executives are changing their approach from ‘cloud first’ to ‘cloud smart.’

Top 12 vulnerabilities that cybercriminals exploited last year

By Andrea Fox 11:00 am August 18, 2023

Leading the list, jointly developed by CISA and international cybersecurity agencies based on their observations of bad actors in 2022, is a vulnerability in Fortinet SSL VPNs that many healthcare organizations have still failed to patch.

EHR vendors don't have to draw a 'line in the sand' on reproductive data privacy

By Andrea Fox 10:30 am August 18, 2023

Larger companies are taking an "all or nothing" approach in light of proposed legislation, one HIE leader says, but electronic health record developers can look to modernized data lakes for inspiration and place guardrails around PHI.

Why you should be revamping your cybersecurity strategy – now

By Bill Siwicki 10:22 am August 17, 2023

Ahead of her appearance at the HIMSS Healthcare Cybersecurity Forum, an information security expert from MITRE offers advice on ways provider organizations can prepare for the worst in a complex and wildly fluctuating threat landscape.

Is artificial intelligence a cybersecurity ally or menace?

By Bill Siwicki 10:42 am August 15, 2023

MITRE's Dr. Brian Anderson talks about the pros and cons of AI in cybersecurity – and the role of generative AI like ChatGPT – in a preview of his panel session at the upcoming HIMSS Healthcare Cybersecurity Forum.

Healthcare incurs highest data breach costs – for the 13th year in a row

By Andrea Fox 10:55 am August 11, 2023

New research by the Ponemon Institute and IBM Security revealed that the global average cost of a data breach reached $4.45 million and the costs of avoiding law enforcement after a ransomware attack have increased by $470,000.

A group of healthcare professionals are meeting in front of a laptop to discuss cybersecurity.

CISA to focus on greater accountability across the cybersecurity ecosystem

By Andrea Fox 03:06 pm August 09, 2023

"We will work with a variety of partners across government and industry to promote adoption and take steps to align incentives that address constraints limiting further progress," the agency said in its new strategic plan.

Code appears in the foreground over hands on a laptop.

HC3 warns of the Rhysida ransomware 'Cybersecurity Team'

By Andrea Fox 07:50 am August 09, 2023

The group – whose ransom note reportedly mimics a customer support ticket – may use a phishing attack to breach health systems' networks or drop payloads across compromised systems after first deploying Cobalt Strike or other frameworks.

A monitor in the foreground and three surgeons appear in the background.

Healthcare software and firmware risks up 59%, says H-ISAC

By Andrea Fox 11:00 am August 08, 2023

Researchers found that vulnerabilities for the software and firmware powering medical devices and other health IT applications increased significantly – and nearly four times as many of these vulnerabilities are being weaponized compared to last year.