The Ever Evolving World of Cybersecurity Threats

Posted by Ken Reiher

ComplyAssistant’s Gerry Blass comments on the biggest threats to healthcare organizations that we should be concerned about in Healthcare IT Today’s “The Ever Evolving World of Cybersecurity Threats” article.

In January 2021, HHS’s Health Industry Cybersecurity Practices (HICP) rule was signed into law. It is an extension of the HIPAA/ HITECH Security Rule and identifies the top five threats to healthcare organizations. They are:

  • Email phishing attacks
  • Ransomware attacks
  • Loss or theft of equipment or data
  • Internal, accidental or intentional data loss
  • Attacks against connected medical devices that may affect patient safety

Email phishing and ransomware attacks have caused extended critical system and connected medical device downtimes that impact not only breaches of PHI and PII but also threaten patient lives. What are some of the latest technologies or security approaches that every healthcare organization should have in place to address cybersecurity threats? HICP identifies the top ten recommended security practices (RSPs), aka “controls,” that are scoped for small, medium, and large healthcare organizations. They are:

  • Email protection systems
  • Endpoint protection systems
  • Access management
  • Data loss prevention
  • Asset management
  • Network management
  • Vulnerability management
  • Incident response
  • Medical device security
  • Cybersecurity policies

To continue reading this article, click here.