As cyberattacks grow in number and organizations find more ways to access private data, the healthcare industry should make use of cyberthreat intelligence, according to Jeff Bell, HIMSS privacy and security committee chair.
Cyberthreat intelligence, Bell writes in a recent blog post, is actionable data about threats, malware and vulnerabilities that organizations can use to increase their security systems.
There are numerous sources for this kind of intelligence, including non-commercial entities like the U.S. Computer Emergency Readiness Team, the U.S. Department of Homeland Security National Cybersecurity and Communications Integration Center and the National Cyber-Forensics & Training Alliance, Bell says.
Vendors of security products also often have their own intelligence feeds, he adds.
This kind of intelligence is increasingly necessary as cyberattacks become more sophisticated, Bell says. Today there are advanced persistent threats, which he says are instances where hackers gain access to information without being detected for long periods of time. Operating system vulnerabilities, such as Shellshock and the Heartbleed bug, also are causing problems in the industry.
"[H]ealthcare organizations should evaluate the effectiveness of their cybersecurity program and make improvements where appropriate," Bell writes. "Consider how cyberthreat intelligence can help your healthcare organization to improve the ability to prevent, detect, respond and recover from cyberattacks."
Throughout all industries, cyberattacks made headlines last year, with healthcare information one of the top targets.
One of the most recent attacks was on Sony Pictures, where documents obtained by the hackers include health information on dozens of employees, their children or spouses, FierceHealthIT previously reported.
For 2015, particular challenges to the healthcare industry could include an increase of phishing emails that try to lure recipients into giving out information such as usernames, passwords or credit card numbers. They also can give attackers ways to infiltrate the enterprise network.
To learn more:
- read the post