CISO Brief April 2026: Cybersecurity Threat Recap & Key Insights
The high-profile cybersecurity incident at Stryker last month was a sharp reminder that cybersecurity events do not need to directly impact connected medical devices to still disrupt patient care. On March 11, Stryker disclosed a cyberattack that caused a global disruption to parts of its Microsoft environment, affecting order processing, manufacturing, and shipping. While the […]
AI Governance: The Only Realistic Solution to Shadow AI
You’ve likely heard it from your executives, in the forums, and even from television ads. With AI products like ChatGPT and Claude advancing in leaps and bounds, people in all fields should take advantage of AI’s productivity-boosting capabilities. And many in the healthcare industry are. Here are two examples of what well-meaning clinicians did on […]
Why Healthcare Third-Party Risk Management (TPRM) Must Change
Healthcare organizations are on the front line of protecting some of the most sensitive data in the world. Patients’ health information, treatment records, insurance details, and identifiers must be safeguarded at all times. But as we have seen over the past year, that responsibility does not stop at your firewall. It extends outward into a […]
How to Make Third-Party Risk Manageable
A new Fortified webinar, “Make Third-Party Risk Manageable,” will help you take steps to protect your organization from the security threats posed by vendors. This informative webinar is hosted by Melissa Adams, Fortified’s Director of Third-Party Risk Management, and Jared Michaels, Principal Solutions Architect. Some of the largest healthcare breaches in recent years have involved […]
CISO Brief: Cybersecurity Awareness Month 2025
Since the start of 2025, the healthcare sector has continued to experience cyber incidents that have disrupted patient care, exposed millions of records, and reshaped organizational thinking about resilience. Cybersecurity Awareness Month is not just about reminding people of risks; it’s about translating real-world events into actionable lessons. Below is a look back at the […]
The Evolution of TPRM in Healthcare: From Spreadsheets to Strategic Change
Third-party risk management (TPRM) is no longer a nice-to-have in healthcare; it’s a strategic necessity. Healthcare organizations are under growing pressure to manage third-party risk more effectively. High-profile incidents like the Change Healthcare breach have shown just how deep the ripple effects of a vendor issue can run; impacting operations, financial systems, and patient care […]
Do Your Security Policies Include Your Vendors?
Most healthcare organizations and their IT teams recognize the importance of maintaining internal network security. Unfortunately, many often lack clear insight into the significant cybersecurity risks posed from their third-party vendors. Increasingly, cyber attacks against hospitals and health systems don’t begin within the medical facility’s internal infrastructure; it originates from their vendor’s system, eventually working its […]
Are You Introducing Risk to Your Organization? Here’s How to Find Out.
The last few years have thrown many curveballs, like Covid, cyberinsurance changes, and a record number of attacks, at healthcare IT and Security teams. During these trying times, many teams were understaffed and resource-constrained, trying to put out daily “fires” and helping maintain efficient patient care. As a result, some fundamental elements of the organization’s […]
The Next Big Challenge in Healthcare Is Here. Are You Prepared?
Third-Party Risk Management, or TPRM, is a growing concern for healthcare organizations. According to the 2022 Ponemon Industry Report, 63% of respondents stated that while cybersecurity incidents involving third parties are increasing, they feel ineffective at controlling third-party risk. Additionally, 55% of healthcare organizations had experienced a data breach in the twelve months before the […]
Third-Party Risk Management: A Guide to More Secure Partnerships
The use of third-party vendors has become essential for delivering comprehensive patient care, streamlining operations, and enhancing service quality in healthcare. However, these relationships present complex data security challenges for healthcare organizations. This article will explore the complexities of managing third-party risk in healthcare, how threat actors exploit vendor vulnerabilities, and provide best practices for […]