HIMSSCast: Web apps are ubiquitous in healthcare – and come with vulnerabilities

Advice for healthcare CISOs, CIOs and other security leaders on how best to protect their organizations from the vulnerabilities that lie within web apps, from Johannes Ullrich, dean of research at the SANS Technology Institute.
By Bill Siwicki
10:38 AM

Photo: Tetra Images/Getty Images

A web application takes advantage of standards developed for browsers to deliver information to users or other applications. Most of the processing tends to happen remotely, and the user's browser is used to display the results.

One advantage of the standards developed to support applications in web browsers is that they now also are used for mobile applications and other modern technologies.

But there are many security vulnerabilities that come with these ubiquitous web apps in healthcare.

Johannes Ullrich is dean of research at the SANS Technology Institute. The SANS Institute was established in 1989 as a cooperative security research and education organization. Ullrich discusses in this week's podcast the kinds of security vulnerabilities that come with web apps, ways security leaders at healthcare provider organizations can overcome the security vulnerabilities of web application technologies, and much more.

 

Like what you hear? Subscribe to the podcast on Apple PodcastsSpotify or Google Play!

Talking points:

  • Where are web application technologies in healthcare and what do they enable?

  • What kinds of security vulnerabilities come with them?

  • Security administrators in healthcare need to understand these vulnerabilities, but often do not. What's the disconnect?

  • What are some of the ways security leaders at healthcare provider organizations can overcome the security vulnerabilities of web application technologies?

  • Advice for healthcare CISOs and CIOs about web application technology security vulnerabilities.

More about this episode:

How the Change Healthcare cyberattack is straining providers, and what the government can do

A sense of urgency at the Healthcare Cybersecurity Forum

HSCC publishes 5-year healthcare cybersecurity strategic plan

NIST updates Cybersecurity Framework with Version 2.0

Health tech hazards: At-home medical devices, AI governance on ECRI's new list

Follow Bill's HIT coverage on LinkedIn: Bill Siwicki
Email him: bsiwicki@himss.org
Healthcare IT News is a HIMSS Media publication.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.