More Major Hacking Incidents Added to HHS Breach Tally

April 28, 2022

Latest Analysis of Federal Health Data Breach Reporting Site

Keith Fricke, principal consultant at privacy and security consulting firm tw-Security, offers a similar assessment. “Incident response and forensic investigation takes time, especially when the victim organization is large and has voluminous data and logs to review to determine scope of a breach,” he says. “Sometimes an organization discovers that additional systems were accessed or compromised than were originally identified. If a breached organization did not completely address weaknesses that allowed criminals to gain unauthorized access, they may be able to sustain that access or regain access, leading to an increase in the scope of an initial breach.”

… Fricke agrees that if tensions between Russia and the United States/NATO escalate, organizations should expect to see more cyberattacks.”If they aren’t already doing so, organizations need to patch operating systems and applications to address security vulnerabilities, along with conducting internal phishing campaigns, phishing training, and proactive monitoring of network and system logs,” he says. Fricke also says covered entities should be performing risk assessment of their vendors prior to signing contracts and periodically thereafter to the extent possible.

 

For more information or to schedule a FREE initial consultation – contact tw-Security.
Read More