Congratulations to tw-Security—2024 Best in KLAS® Security & Privacy Services!

We're #1! Thank you to all our partners and customers!

Ontario Hospitals Expect Monthlong Ransomware Recovery

Patient Care Still Disrupted and IT Network, EHR System Down Until Mid-December   … TransForm’s decision to rebuild its IT network from scratch, as opposed to taking other remediation options, likely means that core network services that run on servers were affected, said Keith Fricke, partner and principal consultant at privacy and security firm tw-Security. […]

Read More

Firm Notifies Patients of 55 Health Practices of MOVEit Hack

Anesthesiology, Pain Management, Gastro Practices Affected Across Several States   … While other sectors, including government, banking and education also have been affected, MOVEit hacks appear to be hitting the healthcare sector particularly hard, perhaps due to high numbers of patients collectively treated or serviced by victim organizations, said Wendell Bobst, senior security consultant at […]

Read More

Cybersecurity in Healthcare: Critical Connection to Patient Safety

Feature article by tw-Security President Tom Walsh. In a threatening digital landscape, healthcare CIOs need to to uphold patient safety by implementing cybersecurity measures. Healthcare cybersecurity can feel like a life-or-death issue with regards to patient safety, which can keep CIOs awake at night. Some hospitals have been offline for days after a cybersecurity event, which […]

Read More

VA OIG Audit Uncovers Vulnerability Management Weaknesses

Agency Details Security Review Findings in an Arizona VA Healthcare System   … Some experts say the OIG’s audit not only highlights important security risk management issues at the VA, but also in the healthcare sector overall. “The report rightly called out configuration management and security management,” said Wendell Bobst, senior security consultant at tw-Security. […]

Read More

Feds Urge Healthcare Providers, Vendors to Use Strong MFA

HIPAA-Covered Entities, Third Parties Reminded to Avoid Authentication Mistakes   … “Healthcare is lagging when it comes to fully adopting multifactor authentication,” said Tom Walsh, president of privacy and security consultancy tw-Security. “Some of this could be because of legacy applications and systems that do not support MFA,” he told Information Security Media Group. But clinicians’ […]

Read More

Iowa Reports Third Big Vendor Breach This Year

Latest Breach Affects 234,000 Individuals; Involves Recent MCNA Insurance Co. Hack   … Three large breaches within weeks of each other illustrates vendor risk challenges that many state agencies face, said Keith Fricke, principal consultant at healthcare security and privacy consultancy tw-Security. Those issues include the large number of third parties that many state agencies […]

Read More

Are Security Teams Blocking Innovation in Healthcare?

Startup companies don’t always factor in enough security when they build solutions, and that may raise red flags. Flexibility is essential. In the race to be “the first to introduce a new solution,” the old mindset was, “Get to market and we can secure it later.” That is no longer a viable option because these […]

Read More

Feds Hit Vendor With $350K Settlement in FTP Server Breach

Practice Management Software Firm’s 2018 Incident Affected Nearly 231,000 … Wendell Bobst, senior security consultant at privacy and security consultancy tw-Security, told Information Security Media Group that most of the security incidents he sees involving FTP servers involve weak practices by the operators of the FTP service. They include the use of generic folders, where […]

Read More

Long-Term Care Services Firm Says Breach Affects 4.2 Million

‘Inaccessible Computers’ Incident Initially Reported as Affecting 501 People   … “Data breaches are time-consuming to investigate,” said Tom Walsh, president of privacy and security consulting firm twSecurity. For example, if phishing or compromised email accounts are implicated in a cybersecurity incident, “all of the saved email messages from the mailboxes of each employee – […]

Read More

California Medical Group’s Ransomware Breach Affects 3.3M

Regal Medical Group Says Patients of Several Affiliates Are Among Those Affected   … “The entire organization is going to be at risk once a connected network is in place. This is why understanding the security stance of a potential acquisition before implementation to the network is so important,” says Susan Lucci, senior privacy and security […]

Read More