FDA vulnerability grading system proves all risk not created equal
For many markets, changing the way companies evaluate the severity of risk could shift how they prioritize which bugs to stomp out in which order.
About SC Media
Health Care
Lessons from the ransomware death: Prioritize cyber emergency preparedness
For medical facilities, and any entity that delivers critical services, the situation places security teams on high alert: ensure adequate training for the workforce and some means of network redundancy or else risk similar tragedy or even potential liability.
Lessons combating COVID-19 healthcare security challenges
Long at the forefront of protecting sensitive information from cyberattacks, health care organizations had to pivot quickly to ensure as the COVID-19 pandemic imposed new threats on a vulnerable newly remote workforce. And adapt they did, even as bad actors exploited a fragile, fragmented infrastructure suddenly reliant on telehealth visits. The lessons learned from the…
George Floyd medical records breached; does ‘VIP’ data need bonus security?
Experts told SC Media that the auditing and reporting process is an important component of a health care organization’s data privacy strategy in order to catch violations, and that particular focus should be paid to “records that would be of high interest or curiosity.”
Socioeconomic status and cyber: the new ‘digital divide’
In part one of a two-part series, SC Media examines how businesses and institutions in poorer or underserved regions may be less equipped to fight off cyberattacks than their well-funded counterparts in affluent cities.
What security functions should small medical providers outsource?
Strapped for cybersecurity resources, small and medium-size health care providers should outsource electronic medical record (EMR) maintenance, Payment Card Industry (PCI) compliance and threat intelligence gathering to third-party service providers, but risk assessment must still be handled internally, according to Mitchell Parker, CISO at Indiana University Health. Lamenting the recent scourge of ransomware and data…
Even during pandemic, healthcare orgs successfully fending off attacks
Despite an increased toll on their computer systems amid Covid-19, healthcare organizations throughout the world generally are doing a good job of mitigating inbound attack attempts, according to a Vectra analysis of the first five months of 2020. The report cites a doubling of data exfiltration behaviors to external destinations in Europe, Middle East and…
NetWalker claims credit for attack on Crozer-Keystone Health System
The NetWalker ransomware group claimed to be behind an attack on Philadelphia area Crozer-Keystone Health System, prompting the health care provider to take systems offline. The hackers are threatening to begin releasing information nicked in the attack in six days, according to a Cyberscoop report. The company, which operates eight medical facilities, including four hospitals,…
Execs, dignitaries call on nations to help end cyberattacks on health care orgs
The CyberPeace Institute and dozens of international leaders and dignitaries on Tuesday collectively urged the world’s governments in an open letter to help put an end to cyberattacks on hospitals and health care institutions that are already under the incredible strain of combatting the Covid-19 pandemic. “Over the past weeks, we have witnessed attacks that…
Alleged Collection 1 hacker nabbed; ransomware campaign targeting hospitals disrupted
The Ukrainian Secret Service on Tuesday announced the arrest of a man who they say is the hacker who amassed hundreds of millions of stolen credentials and then used an internet message board to announce their availability as a data set known as Collection 1. And in another significant win for law enforcement officials, Romania…
Want to read more?
Next post in Cybercrime
