Tag Archive for: timely

HIPAA requires ‘timely response’ for security incidents, says alert to health sector

/in


People wait outside a hospital emergency room in Texas. (Photo by Brandon Bell/Getty Images)

Not only will a timely response to security incidents prevent and reduce recovery time from cyberattacks, the Health Insurance Portability and Accountability Act requires covered entities to implement policies to address incidents, according to the cyber bulletin from the U.S. Department of Health and Human Services’ Office for Civil Rights.

To OCR, the rise of hacking incidents across all sectors is cause for concern. About 74% of all healthcare data breaches reported to the agency in 2021 involved hacking or IT incidents, which makes hacking “the greatest threat to the privacy and security of protected health information.”

Consider the latest spate of cyberattacks and related periods of electronic health record downtime in healthcare. The outage at OakBend Medical Center in Texas lasted for about three weeks and led to care diversion during the initial days, as well as the theft of patient data. Patients were also hit with fraud attempts in the wake of the incident.

Meanwhile, CommonSpirit Health was struck with ransomware on Oct. 3 and has led to care disruptions at a portion of its 700 care sites and 142 hospitals across the country. Local media outlets note that many of these impacted hospitals are still working to recover several weeks after the attack. CommonSpirit has not issued an update since Oct. 17.

Based on the financial reports of health systems following several weeks of network outages, cyberattacks can cost upwards of $1 million per each day of downtime. For Scripps Health, a month of downtime after its 2021 cyberattack cost $122.7 million in lost revenue and recovery.

“Security incidents will almost inevitably occur during the lifetime of a regulated entity,” OCR officials wrote. Adhering to the HIPAA-required security incident response plan can enable providers to effectively pivot and recover from potential cyber incidents.

These plans should include methods for identifying and responding to security incidents, as well as mitigating possible harmful impacts and documenting each incident and the outcomes.

Incident response processes should begin with forming a team with…

Source…

We’re ‘firefighters’ for victims of armed conflict – Hackers Without Borders co-founder on NGO’s timely arrival

/in


‘We had NGOs for press, medical staff, and mental health issues, but not for cyber-attack victims’

Hackers Without Borders co-founder discusses the NGOs timely arrival

INTERVIEW A trailblazing humanitarian group launched last month as Russian troops massed on the Ukrainian border. What followed has made its existence all the more necessary.

Hackers Without Borders (HWB) is a Geneva-based non-governmental organization (NGO) that is offering emergency infosec assistance to other NGOs and providers of critical services.

Like fellow NGO and semi-namesake Médecins Sans Frontières (Doctors Without Borders), the group emphasizes its neutrality when helping victims of armed conflict.

Staffed by volunteer hackers and infosec experts, the organization will, free of charge, help individuals or organizations handle the fallout of cyber-attacks, protect them from further assaults, and bolster their cyber-resilience.

“We have NGOs for press, for medical staff, and mental health issues, but not for protecting and helping the victims of cyber-attacks,” HWB co-founder Florent Curtet tells The Daily Swig.

“We hope to change this by creating an NGO that’s run by cybersecurity experts, who can provide security assistance to those in need.”

Curtet, a web security specialist who has previously pen-tested systems for Interpol, the UN, and the French Ministry of Armed Forces, is one of four co-founders with a range of expertise.

The others include Pierre-Marie Léoutre, a crypto-security expert and former threat intelligence specialist at the Gendarmerie Nationale; Karim Lamouri, a multilingual IT director for a Parisian suburb and security consultancy CEO; and Clément Domingo, an ethical hacker, capture-the-flag (CTF) competition founder and participant, and founder of a digital privacy awareness-raising campaign aimed at students.

RELATED Bug bounty leader Clément Domingo on cybersecurity in Africa, hacking events, and chaining vulnerabilities for maximum impact

Red Cross attack

The quartet decided to form HWB after being angered by the recent cyber-attack against the International Committee of the Red Cross that exposed information belonging to over half a million “highly vulnerable” people.

On February 4, just over…

Source…

‘We’re firefighters for victims of armed conflict’ – Hackers Without Borders co-founder on NGO’s timely arrival

/in


‘We had NGOs for press, medical staff, and mental health issues, but not for cyber-attack victims’

Hackers Without Borders co-founder discusses the NGOs timely arrival

INTERVIEW A trailblazing humanitarian group launched last month as Russian troops massed on the Ukrainian border. What followed has made its existence all the more necessary.

Hackers Without Borders (HWB) is a Paris-based non-governmental organization (NGO) that is offering emergency infosec assistance to other NGOs and providers of critical services.

Like its fellow French NGO and semi-namesake Médecins Sans Frontières (Doctors Without Borders), the group emphasizes its neutrality when helping victims of armed conflict.

Staffed by volunteer hackers and infosec experts, the organization will, free of charge, help individuals or organizations handle the fallout of cyber-attacks, protect them from further assaults, and bolster their cyber-resilience.

“We have NGOs for press, for medical staff, and mental health issues, but not for protecting and helping the victims of cyber-attacks,” HWB co-founder Florent Curtet tells The Daily Swig.

“We hope to change this by creating an NGO that’s run by cybersecurity experts, who can provide security assistance to those in need.”

Curtet, a web security specialist who has previously pen-tested systems for Interpol, the UN, and the French Ministry of Armed Forces, is one of four co-founders with a range of expertise.

The others include Pierre-Marie Léoutre, a crypto-security expert and former threat intelligence specialist at the Gendarmerie Nationale; Karim Lamouri, a multilingual IT director for a Parisian suburb and security consultancy CEO; and Clément Domingo, an ethical hacker, capture-the-flag (CTF) competition founder and participant, and digital privacy campaigner.

RELATED Bug bounty leader Clément Domingo on cybersecurity in Africa, hacking events, and chaining vulnerabilities for maximum impact

Red Cross attack

The quartet decided to form HWB after being angered by the recent cyber-attack against the International Committee of the Red Cross that exposed information belonging to over half a million “highly vulnerable” people.

On February 4, just over two weeks later, HWB launched with the…

Source…

BlackBerry Pats Itself On The Back For Timely Android Security Updates – Ubergizmo

/in

Ubergizmo

BlackBerry Pats Itself On The Back For Timely Android Security Updates
Ubergizmo
It was only after the Stagefright vulnerability was discovered last year that Google and many of its partner OEMs committed to monthly security updates for Android devices. Malware and vulnerabilities have long been an issue on Android so there's
BlackBerry PRIV Highlighted as First Phone to Receive Android Security PatchesSoftpedia News

all 5 news articles »

“android security” – read more