There is a perception that how quickly an organization detects a security incident and executes a response plan can enhance its reputation. This potential return on investment is encouraging more organizations to focus their energies on a formal incident response team and plan, according to a survey by Arbor Networks.
HITRUST will conduct monthly cyber threat briefings in partnership with the U.S. Department of Health and Human Services and notify healthcare organizations about high probability and impact cyber threats targeted at the healthcare industry.
Attacks against medical devices and critical health care systems are no longer theoretical. In fact, according to a report from the SANS Institute, poorly protected health care systems are not able to fight off the barrage of attacks.
When the development cycle moves quickly, it will often bypass security. When rapid development equates to shoehorning security controls in after the fact, we’re left with an approach that has potentially disastrous consequences.
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
While security monitoring generates big data, in its raw form it remains only a means to an end. Ultimately, information security decision making should be based on prioritized, actionable insight derived from the data.
The threats that companies face will continue to accelerate. And while that might seem like a very obvious and not so insightful observation, the devil is in the details. Here are the trends both in the threats and how we will respond to them in 2014.