FOCUS ON CYBERSECURITY

Cybersecurity strategy: Hackers have one, do you?

Weaponized malware, hackers holding data hostage, social engineering and spearphishing campaigns — those are just the basic attack types common today. Hospitals also have to safeguard against the next big threat to health data when there’s literally no way to know what it will look like or when it might come.

During October, we talk to infosec executives and experts about the problems and practical steps to securing sensitive data, advice about what to do (and what not to do) during and after a security incident, and a look at emerging trends, such as analytics and evidence-based security that hospitals should know about.

What you need to know

cybersecurity infosec
News
Synthetic ID theft, infosec dashboards, the real weakest link and more factored into the security...
By Tom Sullivan |
breach medical identity theft
News
Hackers can perform synthetic identify theft long after a cybersecurity event by piecing together...
By Jessica Davis |
Cybersecurity vulnerability patch management
News
Veracode found that the healthcare and retail sectors are reducing risk the fastest among other...
By Jessica Davis |
Cloud security illustration.
News
But like with most things in healthcare, organizations need to keep following up after choosing the...
By Jonah Comstock |
infosec leader with network infrastructure
News
Take our quick survey, and we'll report on the results, so you can get a sense of what your...
By Healthcare IT News |
Staff monitoring security.
News
KPIs, metrics and other must-haves hospitals should track continuously to protect medical and...
By Bill Siwicki |
Workers looking at an analytics dashboard.
News
Infosec experts share advice about what innovators should track, security-wise, when building new...
By Laura Lovett |
Worker looking at an analytics dashboard.
News
Password strength, multiple tabs and SOC audits are some of the means by which healthcare providers...
By Jeff Lagasse |
Man working in server room.
News
Hospitals and medical groups with limited security resources still have leadership options in...
By Susan Morse |
Cloud security illustration.
News
But like with most things in healthcare, organizations need to keep following up after choosing the...
By Jonah Comstock |
FDA and Homeland Security signs.
News
While the two federal agencies have worked together on vulnerability disclosures in the past, a new...
By Jessica Davis |
Doctor texting.
News
As texting between patients and providers becomes more common, it’s imperative that providers...
By Laura Lovett |
News
Basic building blocks of a good information security plan can be found at lower costs than many...
By Beth Jones Sanborn |
cardiac implant xray
News
The Food and Drug Administration issued a cybersecurity alert on two Medtronic devices that could...
By Jessica Davis |
Anahi Santiago, Heather Roszkowski and Cris Ewell.
News
Keeping software up to date without disrupting care delivery requires a plan for regular patching...
By Mike Miliard |
News
Skipping out on comprehensive device documentation and risk assessment will cripple an organization...
By Dave Muoio |
HIPAA complaince audit form
News
As HIPAA was written when most providers still used paper charts, the framework today has plenty of...
By Corinne Smith |
man pointing at a computer screen with phone in hand
News
HITRUST launched a security program to help start-up companies bolster their privacy and security...
By Jessica Davis |
man working on server stacks
News
Security experts share insights about crafting lessons learned plans to obtain more resources...
By Tom Sullivan |
doctor with patient looking at tablet health record
News
As compliance continues to be a point of concern, we take a look at the implications of GDPR for UK...
By Leontina Postelnicu |
Christian Dameff speaking on stage
News
The healthcare sector is well-aware that medical devices are vulnerable, but it’s hard to...
By Jessica Davis |
Dan Constantino speaking to HIMSS TV
News
Penn Medicine CISO Dan Costantino outlines the steps to gathering information so you can plan...
By Dan Costantino |
News
BlackBerry' new healthcare-related security products include a blockchain system for medical...
By Laura Lovett |
computer login screen
News
Simulated attacks on a healthcare organization can help infosec leaders assess their security...
By Jessica Davis |
10 health tech hazards graphic
News
The prospect of hackers gaining access to remote access to networked IT systems and connected...
By Mike Miliard |
administrator login screen
News
New HIMSS Media research outlines hospitals’ top security concerns, ranks ways they’re...
By Tom Sullivan |
collage of photos about security breaches
News
As seen with Nuance and the Allscripts lawsuit, when a breach or cyber incident occurs – like...
By Jessica Davis |

Healthcare Security Forum

Jane Harper
Video
Jane Harper, Director Privacy & Security Risk Management at Henry Ford Health System, discusses...
By HIMSS TV |
News
It starts with hiring "hardcore cloud animals," to change the culture and rethink infosec...
By Tom Sullivan |
Theresa Payton, CEO of Fortalice Solutions
News
Experts at the HIMSS Healthcare Security Forum said the next phase of infosec should be to secure...
By Tom Sullivan |
HIMSS Security Forum Leadership Panel
News
While healthcare organizations are better understanding and investing in cybersecurity needs,...
By Jessica Davis |
Darren Lacey talking to HIMSS TV
Video
Johns Hopkins Medicine CISO Darren Lacey shares his thoughts on the sector’s inherent...
By HIMSS TV |
Christian Dameff speaking to HIMSS TV
Video
Despite the healthcare sector’s awareness of medical device flaws, many are still focused on...
By HIMSS TV |
Chad Wilson talking to HIMSS TV
Video
Chad Wilson, director of information security at Children’s National, explains how timely...
By HIMSS TV |
Theresa Payton talking to HIMSS TV
Video
Theresa Payton, president and CEO of Fortalice Solutions, explains how to avoid digital disasters...
By HIMSS TV |
Brian Selfridge talks to HIMSS TV
Video
Brian Selfridge, partner at IT Risk Management for Meditology, also explains the evolving role of...
By HIMSS TV |
Kirk Lippold talking to HIMSS TV
Video
Kirk Lippold, commander of United States Navy (RET), explains how intellectual honesty requires a...
By HIMSS TV |

Cyber Insurance

man under two umbrellas
News
The final chapter in our cyber insurance series outlines the legal considerations after a breach,...
By Jessica Davis |
computer screen with data breach
News
Part one of our cyber insurance series focuses on cyber policies and how organizations need to do...
By Jessica Davis |
illustration of man holding red umbrella
News
Part two of our cyber insurance series highlights the need for healthcare organizations to compare...
By Jessica Davis |
illustration of man holding red umbrella
News
Part three in our cyber insurance series highlights red flags and common mistakes to avoid when...
By Jessica Davis |
man under two umbrellas
News
The final chapter in our cyber insurance series outlines the legal considerations after a breach,...
By Jessica Davis |

HIMSS LEARNING CENTER

Upcoming Webinars / Webinar
A third of all breaches target healthcare companies. If you're in healthcare, or any other...
Upcoming Webinars / Webinar
How do you ensure ease of access to patient records in a timely manner without compromising privacy...
By Okta |
Upcoming Webinars / Webinar
This session will review the OpenSCAP compliance as code offering and how to automate your...

ACTIVE THREATS

Ryuk ransomware
News
Similar to the notorious SamSam variant that has wreaked havoc on the healthcare sector, the new...
By Jessica Davis |
Screensnaps of Whats App, iMessage and Facebook Messenger
News
Although the health system has been repeatedly dinged for lax security practices, most NHS...
By Mike Miliard |
Fax machines can breach a network
News
While CMS Administrator Seema Verma called for the end of fax machine use by 2020, new Check Point...
By Jessica Davis |
email login on user screen
News
Active training via simulated phishing, progressive disciplinary measures, disabling hyperlinks and...
By Bill Siwicki |
Homeland Security warns of spike in ERP system attacks
News
The web-based applications are designed to help organizations manage finances, HR issues and more...
By Jessica Davis |
RDP backdoors for $10 to hack into healthcare systems
News
With access to hacked machines cheaply available and thousands of new ports being added daily, it...
By Jessica Davis |
GandCrab ransomware variant targeting legacy systems
News
The newest variant of the prolific ransomware forms this year has been updated to include a stolen...
By Jessica Davis |
ransomware lock screen for users
News
What experts are saying hospitals can do now to avoid falling prey to the ransomware as hackers...
By Jessica Davis |

Thought leaders on HIMSS TV

Healthcare Security Forum presenters talk about preventing medical device hacks
Video
Jeff Tully, security researcher at the UC Davis, and Christian Dameff, emergency medical doctor at...
By HIMSS TV |
Jane Harper of Henry Ford Health System talks about security risk management at Healthcare Security Forum
Video
Jane Harper, director of privacy and security risk management at Henry Ford Health System,...
By HIMSS TV |
Anahi Santiago, CISO and Christiana Care Health System talking at Healthcare Security Forum in San Francisco
Video
Anahi Santiago, CISO and Christiana Care Health System, discusses strategies healthcare companies...
By HIMSS TV |
Allyson Vicars of Advisory Board talks about security at Healthcare Security Forum
Video
Allyson Vicars, associate director of health IT research at the Advisory Board, give a deep...
By HIMSS TV |
Lee Kim of HIMSS Analytics talks about cybersecurity with HIMSS TV
Video
Lee Kim, director of privacy and security at HIMSS, gives a comprehensive overview of the threats,...
By HIMSS TV |
Michael Archuleta of Mt. San Rafael Hospital talks about data risk at Healthcare Security Forum
Video
Michael Archuleta, CIO and HIPAA and information security officer at Mt. San Rafael Hospital, takes...
By HIMSS TV |

Cybersecurity Investments

underinvesting in cybersecurity can cost you a lot per patient record
News
A breach in financial services, the second most expensive sector, costs only half of what hospitals...
By Jessica Davis |
Hospitals investing big in clinical communications with secure texting
News
Health system executives are convinced that mobile technology improves patient safety, but are...
By Mike Miliard |