Cybersecurity in Healthcare: Critical Connection to Patient Safety
Feature article by tw-Security President Tom Walsh. In a threatening digital landscape, healthcare CIOs need to to uphold patient safety by implementing cybersecurity measures. Healthcare cybersecurity can feel like a life-or-death issue with regards to patient safety, which can keep CIOs awake at night. Some hospitals have been offline for days after a cybersecurity event, which […]
Read More
VA OIG Audit Uncovers Vulnerability Management Weaknesses
Agency Details Security Review Findings in an Arizona VA Healthcare System … Some experts say the OIG’s audit not only highlights important security risk management issues at the VA, but also in the healthcare sector overall. “The report rightly called out configuration management and security management,” said Wendell Bobst, senior security consultant at tw-Security. […]
Read More
Feds Urge Healthcare Providers, Vendors to Use Strong MFA
HIPAA-Covered Entities, Third Parties Reminded to Avoid Authentication Mistakes … “Healthcare is lagging when it comes to fully adopting multifactor authentication,” said Tom Walsh, president of privacy and security consultancy tw-Security. “Some of this could be because of legacy applications and systems that do not support MFA,” he told Information Security Media Group. But clinicians’ […]
Read More
Iowa Reports Third Big Vendor Breach This Year
Latest Breach Affects 234,000 Individuals; Involves Recent MCNA Insurance Co. Hack … Three large breaches within weeks of each other illustrates vendor risk challenges that many state agencies face, said Keith Fricke, principal consultant at healthcare security and privacy consultancy tw-Security. Those issues include the large number of third parties that many state agencies […]
Read More
Are Security Teams Blocking Innovation in Healthcare?
Startup companies don’t always factor in enough security when they build solutions, and that may raise red flags. Flexibility is essential. In the race to be “the first to introduce a new solution,” the old mindset was, “Get to market and we can secure it later.” That is no longer a viable option because these […]
Read More
Feds Hit Vendor With $350K Settlement in FTP Server Breach
Practice Management Software Firm’s 2018 Incident Affected Nearly 231,000 … Wendell Bobst, senior security consultant at privacy and security consultancy tw-Security, told Information Security Media Group that most of the security incidents he sees involving FTP servers involve weak practices by the operators of the FTP service. They include the use of generic folders, where […]
Read More
Long-Term Care Services Firm Says Breach Affects 4.2 Million
‘Inaccessible Computers’ Incident Initially Reported as Affecting 501 People … “Data breaches are time-consuming to investigate,” said Tom Walsh, president of privacy and security consulting firm twSecurity. For example, if phishing or compromised email accounts are implicated in a cybersecurity incident, “all of the saved email messages from the mailboxes of each employee – […]
Read More
California Medical Group’s Ransomware Breach Affects 3.3M
Regal Medical Group Says Patients of Several Affiliates Are Among Those Affected … “The entire organization is going to be at risk once a connected network is in place. This is why understanding the security stance of a potential acquisition before implementation to the network is so important,” says Susan Lucci, senior privacy and security […]
Read More