Breach, Ransomware

Time to stop the money-making business of kicking hospitals when they’re down

April 28, 2021
Late last year, CISA, HHS and the FBI issued a joint warning on impending cyberattacks on hospitals during the pandemic. Today’s columnist, Jeff Costlow of ExtraHop, offers strategies to help hospitals defeat those attacks. U.S.SecretaryofDefense CreativeCommons CC BY 2.0
  • HIPAA and HITECH guarantee that patients can access, and control access to their personal data. The regulations also dictate how patient data and protected health information should be kept private and secure. 
  • NIST CSF framework offers industry-standard guidelines that CISOs can employ to secure infrastructure across the organization. 
  • HITRUST was developed in collaboration with data protection professionals and rationalizes relevant regulations and standards into a single overarching security and privacy framework. 
  • MITRE ATT&CK is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. This helps healthcare organizations understand how adversaries operate so they can plan how to better secure their networks and devices as well as to detect and stop attacks. 
prestitial ad