Healthcare Information Security Podcast

In a case study interview, Aaron Miri, CIO at The University of Texas at Austin, describes steps the organization is taking to streamline and automate third-party risk management at its various units, including its medical school and clinical practice.

Quantum computing eventually could break existing cryptographic methods with brute force attacks, so organizations need to prepare now, says Evangelos Rekleitis of ENISA.

Digital transformation makes the headlines. But behind the scenes, many enterprises are struggling with the effects of cloud migration and the “shift left” movement. Knox Anderson of Sysdig shares tips for approaching the modern cloud.

The latest edition of the ISMG Security Report features an analysis of recent “tell-all” interviews with members of ransomware gangs. Also featured: insights on securing IoT devices and mitigating insider threat risks.

Unemployment fraud incidents have spiked in the past year, and high-salaried senior executives are often the fraudsters’ victims. Dr. Christopher Pierson of BlackCloak describes how these scams are pulled off, what impact they have and how the CISO can bolster defenses.

In light of recent supply chain attacks, many organizations need to improve mitigation of the risks posed by their vendors, says Tony Cook, head of threat intelligence at GuidePoint Security.

This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."

To help strengthen the healthcare sector's defenses, the Center for Internet Security is offering all U.S. hospitals and healthcare delivery systems a free protection service designed to help block ransomware and other malware, says Ed Mattison, the center's executive vice president.

The latest edition of the ISMG Security Report features cybercrime deterrence lessons learned from the disruption of the Emotet botnet operation. Also featured: An update on attacks tied to Microsoft Exchange flaw exploits; a discussion of the need to update business continuity plans.

With the explosion of remote business, we are now digitizing many of our documents and processes. Entrust’s Jay Schiavo explains what new mindset this shift requires, what’s needed to ensure document authenticity and integrity.

What are best practices for applying automation to make SOCs more efficient? Cory Mazzola, executive fellow at the Tuck School of Business at Dartmouth College, offers insights.

Proposed changes to the HIPAA Privacy Rule could weaken patient data privacy protections, say Rita Bowen and Zachary Perry of the Association of Health Information Outsourcing Services, who explain why in this joint interview.

This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.

Third-party software component vulnerabilities in medical devices are among several cyber-related health technology hazards posing significant risks to healthcare entities and their patients, say researchers Chad Waters and Juuso Leinonen of ECRI, a not-for-profit patient safety organization.

The latest edition of the ISMG Security Report features an analysis of a federal crackdown on ICO cryptocurrency scams. Also featured: An update on the SonicWall hack investigation and the use of digital IDs to verify COVID-19 testing.

As the healthcare sector works to provide patients with secure access to their health information via smartphones and other devices, it must address critical identity and trust issues, says DirectTrust president and CEO Scott Stuewe.

Broken object level authorization, or BOLA, vulnerabilities are among the most common and worrisome weaknesses contained in dozens of mobile health applications used by patients and clinicians, posing security and privacy risks to health information, says cybersecurity researcher Alissa Knight.

This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.

In light of the threat of ransomware attacks, healthcare organizations need to take extra steps to ensure their systems are adequately backed up - and that those backups are protected, says Martin Littmann of Kelsey-Seybold Clinic. He'll be a speaker at ISMG's Virtual Cybersecurity Summit: Healthcare.

Mike Hamilton, founder and CISO of CI Security, followed an unusual path that led him to a career in cybersecurity. He says those who, like him, lack a formal education in security can build successful CISO careers.