This has already been a record-setting year for cybersecurity, in all the wrong ways. Errol Weiss, chief security officer of Health-ISAC, discusses the cyber risks he’s most concerned about and makes the case for cross-sector information sharing.
If the cybersecurity space has seemed a bit busier than usual recently, you’re not imagining things. At the halfway mark of 2024, the Department of Health and Human Services’ Office for Civil Rights showed nearly 400 data breaches reported to its portal as of June 30 – the most in six months since OCR began keeping track 14 years ago.
Weiss discussed the critical value of such information sharing as healthcare organizations work to shore up their defenses and risk-mitigation strategies amid an increasingly fraught cybersecurity landscape.
Listen to the full interview on HIMSSCAST here:
Some pulled quotes from the interview:
Ransomware is a business model that started about 10 years ago, and it is only maturing. We are tracking attacks every day.
Lean on the basics right now: Backups (and test them! Tear a system down and build it back up to see if it works. CISA has a good list of current vulnerabilities to patch. MFA on everything!
In my experience, sharing works better when it is voluntary. Voluntary Sharing of one’s incident information also allows one to learn from others. There is usually someone within the Health-ISAC community who has faced a similar challenge to the one you are currently facing.