1. Hackers are coming for your healthcare records -- here’s why

    Data stolen from a bank quickly becomes useless once the breach is discovered and passcodes are changed. But data from the healthcare industry, which includes both personal identities and medical histories, can live a lifetime. Cyberattacks will cost hospitals more than $305 billion over the next five years and one in 13 patients will have their data compromised by a hack, according to industry consultancy Accenture.

    Read Full Article

    1. Enterprises with legacy systems are trying to connect to and integrate EHRs. Security is not always considered as a part of that, and patching systems is always fraught with peril. You're always a little behind with that.
    2. I really think in terms of ransomware, the stories of about hospitals paying the ransom are spreading among attackers, letting them know that they're a successful place to attack.
    3. I think attackers will continue to do what they do, looking for holes.
    4. Assume data will be taken, but make it useless.
    5. The presumption was that they were state actors.
    6. There's nothing in a bank's data that will give [hackers] the answer to that question, but it is in your health records and [insurance] claims data.
    7. The thinking is beginning to pivot.
    8. There's an evolving thinking among CIOs that one of the benefits of going to a public cloud is you avail yourself of state-of-the-art security that you could probably never replicate with your own IT organization.
    9. The nature of blockchain... requires both public and private encryption keys [that make it] virtually impossible for someone to get a nugget of data.
    10. If I was asked by a healthcare CIO where to go for cyberthreat data, I've got to give them a list of at least five or six sources, maybe more -- whether it's the FBI or homeland security... or some private companies.
    11. I would reiterate that security is everybody's business. It's not just up to the IT department.
  2. Authors