As we continue to round up our experts to get their predictions for next year, we turn to security. Remote work staffs are adding to another layer of security for healthcare systems and provider facilities. Cyber attacks are in the news on a national level and should be an alert...
Year: 2020
Fortified Health Security Releases 2021 Horizon Report
Highlights COVID-19’s impact on healthcare’s security infrastructure in 2020; predicts what’s to come for providers, payers, and patients as emergent cybersecurity threats continue to evolve FRANKLIN, Tenn. – December 16, 2020 – Fortified Health Security, Healthcare's Cybersecurity Partner®, today released the 2021 Horizon Report. The report details findings that illustrate...
A Deeper Look at the Ryuk Ransomware Threat Targeted at Healthcare
A little while back the government put out a cybersecurity advisory about an “imminent cybercrime threat” that was targeting hospitals using Ryuk ransomware. To dive deeper into this threat, what this announcement means for healthcare, and what healthcare organizations can do to be prepared for this and other threats, Healthcare...
As hospitals cope with a COVID-19 surge, cyber threats loom
By late morning on Oct. 28, staff at the University of Vermont Medical Center noticed the hospital’s phone system wasn’t working. Then the internet went down, and the Burlington-based center’s technical infrastructure with it. Employees lost access to databases, digital health records, scheduling systems and other online tools they rely...
Ransomware latches onto fake ads for Microsoft Teams updates
Dive Insight: Fortified's Dan L. Dodson recently discusses ransomware latches onto fake ads for Microsoft Teams with Cybersecurity Drive. Malware disguised in fraudulent ads or updates is another phishing scheme organizations need to watch for. At least 60,000 parked domains became "malicious," or linked to phishing and malware, between March...
Hospitals make themselves a target for cyber attacks
Last week, the FBI, the Department of Health and Human Services and the Cybersecurity and Infrastructure Security Agency published an advisory based on credible information "of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers." Read the full article here.
Cybersecurity advisory a ‘call to arms’ for healthcare CIOs
A cybersecurity advisory from the federal government not only puts healthcare CIOs on high alert but also signals a call to arms. Dodson recommended CIOs consider the organization's culture when choosing how to alert staff to the threat. "If you're an organization that heavily floods your user base with awareness...
Using Zoom for Telehealth Visits: How to Maintain an Acceptable Risk Profile
This post-implementation security review of a clinic using Zoom for telehealth visits includes specific technical findings and actionable recommendations for healthcare providers. “The healthcare disruption wrought by the COVID-19 outbreak is causing providers large and small to rethink care delivery – everything from registration and waiting room protocols to the...
Securing the Home Office: How Healthcare Is Adapting to Remote Work, During and After COVID-19
Fortified's CEO, Dan L. Dodson, recently spoke with Health IT Answers about cyber-attack trends and how they impact healthcare organizations. Dodson also shares insights into risks associated with remote workers. Topics of discussion:1) Email cyber-attack trends in 20202) Questions organizations should be asking about their cybersecurity programs3) What impacts COVID-19...
Evolving the Cybersecurity Landscape
At Fortified Health Security, we know that there are multiple factors that our industry must pay attention to as we look towards building robust cybersecurity programs. One of the most pressing factors is the rapid digitization of healthcare that was happening before the pandemic and is happening at a faster...
2018 Horizon Report
2018 Horizon Report The State of Cybersecurity in Healthcare Download Fortified Health Security’s just-released annual Healthcare Cybersecurity Horizon Report. This extensive report is released at a critical time as healthcare organizations prepare for 2018. The report details the urgent state of cybersecurity in healthcare, increased threats, predictions and steps that...
2017 Horizon Report
2017 Horizon Report The State of Cybersecurity in Healthcare What we cover in the latest report The Year in Review for 2016: News-making breaches and reports The Evolution of Ransomware: 2016 – The Year of Ransom Breach Data Review: OCR study results and insights Trends and Predictions for 2017: Our...
2017 Mid-Year Horizon Report
2017 Mid-Year Horizon Report The State of Cybersecurity in Healthcare What we cover in the latest report Medical Device Security best practices Breach update, including WannaCry & Petya Cybersecurity Task Force Report findings review Preventative measures recommendations Download
2018 Horizon Report
2018 Horizon Report The State of Cybersecurity in Healthcare What we cover in the latest report Breach update, including Providers, Health Plans & Business Associates FDA Medical Device Safety Plan Analysis and Recommendations Steps for Identifying & Protecting Patient Information NIST Cybersecurity Framework Reaction Download
2018 Mid-Year Horizon Report
2018 Mid-Year Horizon Report The State of Cybersecurity in Healthcare Download
2019 Horizon Report
2019 Horizon Report The State of Cybersecurity in Healthcare What we cover in the latest report Breach update, including number of breaches caused by hacking Cybersecurity personnel shortages Steps for addressing connected medical device security challenges The journey toward HITRUST certification explained Download
2019 Mid-Year Horizon Report
2019 Mid-Year Horizon Report The State of Cybersecurity in Healthcare What we cover in the latest report Latest breach data and industry trends Penetration testing preparations Peer-based comparative analytics examined Impacts of Microsoft Office 365 Download
2020 Horizon Report
2020 Horizon Report The State of Cybersecurity in Healthcare What we cover in the latest report Historical breach data and industry trends Cybersecurity technology consolidations Latest ransomware attacks analyzed Stark Law reform Download
2020 Mid-Year Horizon Report
2020 Mid-Year Horizon ReportThe State of Cybersecurity in Healthcare What we cover in the latest report Latest breach data and industry trends Effects of COVID-19 Work from Home (WFH) security best practices Telemedicine & associated HIPAA risks Download
The Risk of Nation-State Hackers, Government-Controlled Health Data
The COVID-19 pandemic has driven a rise in targeted, sophisticated cyberattacks designed to take advantage of an increasingly connected environment. In healthcare, it’s led to a rise in nation-state attacks, in an effort to steal valuable COVID-19 data and disrupt care operations. Read the full article here.
Health IT Security – COVID-19 Impact on Ransomware, Threats, Healthcare Cybersecurity
COVID-19 has significantly shifted the threat landscape from attacks on individuals and small businesses to critical infrastructure, governments, and major corporations, according to Interpol. Malicious cyberattacks were behind the majority of healthcare IT security incidents, while ransomware demands soared as “big game” variants dominated the threat landscape. Read the full article here.
Fortified Health Security Releases 2020 Mid-Year Horizon Report
Fortified Health Security, the recognized leader in cybersecurity for healthcare, today released the 2020 Mid-Year Horizon Report. The report details findings that illustrate how the COVID-19 pandemic has created a sudden demand for solutions like remote work and telehealth, and how meeting these demands has created an increased cybersecurity risk...
Fortified Health Security Releases 2020 Mid-Year Horizon Report
Report details increased cybersecurity risk for healthcare industry amidst COVID-19 pandemic; shares actionable guidance for stakeholders FRANKLIN, Tenn. – August 3, 2020 – Fortified Health Security, the recognized leader in cybersecurity for healthcare, today released the 2020 Mid-Year Horizon Report. The report details findings that illustrate how the COVID-19 pandemic...
Fortified Health Security Announces New Addition to Executive Leadership Team
Fortified Health Security, the recognized leader in cybersecurity for healthcare, today announced the appointment of Dave Glenn as Chief Revenue Officer. A seasoned leader with over 30 years of combined experience in information technology, cybersecurity, enterprise sales and business development execution and leadership, Glenn joins Fortified Health Security’s executive leadership...
Compliance Scanning – are you overlooking a big part of Vulnerability Management?
Designing and deploying a vulnerability management program is essential — but many of these programs are still missing a crucial piece of the puzzle.
Single Sign-On vs. MFA: Do You Know The Difference?
Usernames and passwords are the foundation of user authentication, but these factors are no longer enough to prevent data exposure. As cyber threats become more complex, companies are fighting back through single sign-on and multi-factor authentication. These solutions can strengthen your cybersecurity framework without hindering user experience. What Is Single...
Kwampirs Trojan Targets Healthcare Industry
In response to the latest attack on the healthcare industry by the cybercriminal group Orangeworm, Fortified Health Security COO William Crank penned a commentary for the Disaster Recovery Journal – the leading industry resource for business continuity professionals covering disaster recovery, crisis management, and risk management. Throughout the article, Crank discusses what...
HIPAA Changes Regarding COVID-19: What Healthcare Organizations Should Know
In light of the COVID-19 pandemic, the Department of Health and Human Services (HHS) and the Office of Civil Rights (OCR) have issued a Limited Waiver of HIPAA Sanctions and Penalties. While HIPAA regulations and protected health information (PHI) protections are still in place, it’s important that healthcare facilities understand...
How to Maintain Cyber Security When Employees Work Remotely
With the spread of Covid-19 around the country, many organizations are sending employees home to work remotely. Doing so can be an essential health and safety precaution. However, remote work comes with additional cybersecurity threats. Here are some key ways that organizations can prioritize network security while employees are dispersed....
Do You Meet HIPAA’s 3 Areas of Security?
As the occurrence of cyber-attacks and data breaches continue to grow, medical providers find themselves tasked with adhering to an ever-increasing litany of HIPAA compliance requirements. Thus, strong cybersecurity program implementation and maintenance should remain a top priority for healthcare facilities of every size across the U.S. This is especially...
Benefits of Continuous HIPAA Analysis
Within the HIPAA Security Rule Administrative Safeguards, requirements include that covered entities “implement policies and procedures to prevent, detect, contain and correct security violations.” This standard requires both Risk Analysis and Risk Management which assist an organization's management in developing protections for confidentiality, integrity, and availability of ePHI within the...
Five Major Cybersecurity Threats to Your System – And How To Protect Against Them
Healthcare facilities continue to combat the threat of cyber attacks within their digital landscapes, forcing IT departments across the globe to continuously adjust their lines of defense against a network security compromise or data breach. The increasing complexity and sophistication of cybercriminal activities mean healthcare organizations must remain vigilant against...
Cybersecurity Reminder: Microsoft Server 2008/R2 & Windows 7 Support Ends January 2020
As a reminder, Microsoft Server 2008/R2 & Windows 7 is coming to an end, and so are its tech support and updates. Microsoft’s reminder announcement poses a significant cybersecurity threat to any healthcare IT infrastructure running on Microsoft Server 2008/R2 & Windows 7: “The specific end of support day for...
Healthcare Security Incident and Event Management (SIEM): An Introduction to Capabilities
As healthcare organizations continue to embrace and rely on a diverse range of technologies to both manage and treat patients, their internal IT and cybersecurity environments continue to become more complex and challenge situational awareness. This rampant surge of innovation utilization is unlikely to change over the next several years...