SIEM and EDR, and Why You Need Both
When facing increased cyber threats, it’s vital for healthcare organizations to deploy strategies that incorporate a multi-faceted approach to threat monitoring. Two essential threat monitoring and response tactics are security information and event management (SIEM), and endpoint detection and response (EDR). Before considering SIEM and EDR as a complete cybersecurity solution, it is helpful […]
How Healthcare Organizations Should Strengthen Their Cybersecurity Framework
A strong cybersecurity framework guards against the most prominent cyber threats in healthcare. This framework should also be scalable to meet new threats. By staying aware of the latest cyber attacks in healthcare and prepping your security team, your organization can keep a step ahead of today’s cyber criminals. Here is what every healthcare organization […]
Is Electronic Protected Health Information (ePHI) Getting Outside Your Healthcare Organization?
Under HIPAA regulations, health information or data that can be used to identify an individual patient is categorized as protected health information (PHI) and must undergo a wide range of practices explicitly designed to protect patient confidentiality. Covered entities must implement processes and controls to ensure confidentiality, integrity, and availability of physical PHI and electronic […]
5 Reasons to Conduct Yearly Penetration Testing
When protecting your network from external threats, you sometimes need to think like a hacker. You can better prevent cyber attacks by understanding how perpetrators could potentially access sensitive data. Therefore, penetration testing should be a part of your yearly cybersecurity plan. What penetration testing? Penetration testing is one of the best ways to pinpoint […]
Evolving the Cybersecurity Landscape
There are multiple factors that the healthcare industry must pay attention to as we look towards building robust cybersecurity programs. One of the most pressing factors is the rapid digitization of healthcare that was happening before the pandemic and is happening at a faster pace now that COVID0-19 has changed the way healthcare is delivered. […]
HIPAA Changes Regarding COVID-19
In light of the COVID-19 pandemic, the Department of Health and Human Services (HHS) and the Office of Civil Rights (OCR) have issued a Limited Waiver of HIPAA Sanctions and Penalties. While HIPAA regulations and protected health information (PHI) protections are still in place, it’s important that healthcare facilities understand what protocols the limited waiver […]
How to Maintain Cybersecurity When Employees Work Remotely
With the spread of Covid-19 around the country, many organizations are sending employees home to work remotely. Doing so can be an essential health and safety precaution, however, remote work comes with additional cybersecurity threats. Here are some ways that organizations can prioritize network security while employees are dispersed. Implement Network Access Control (NAC) When […]
Benefits of Continuous HIPAA Analysis
The HIPAA Security Rule Administrative Safeguards includes requirements that covered entities “implement policies and procedures to prevent, detect, contain and correct security violations.” This standard requires both Risk Analysis and Risk Management. The Risk Analysis implementation specification requires covered entities to “conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the […]
Five Major Cybersecurity Threats to Your System
The barrage of cyber attacks against healthcare organizations, including network security compromise and data breaches, force IT departments across the globe to continuously adjust their lines of defense. The increasing complexity and sophistication of cybercriminal activities mean healthcare organizations must remain vigilant against a broad scope of possible cyber attacks. However, hackers do tend to […]
Cybersecurity Reminder: Microsoft Ending Support for Server 2008/R2 & Windows 7
Microsoft Server 2008/R2 & Windows 7 is coming to an end, and so are its tech support and updates. Microsoft’s announcement poses a significant cybersecurity threat to any healthcare IT infrastructure running on Microsoft Server 2008/R2 & Windows 7. According to Microsoft: “The specific end of support day for Windows 7 will be January 14, […]
