The CyberPHIx Roundup: Industry News & Trends, 5/26/22
The CyberPHIx: Meditology Services Podcast
Release Date: 05/26/2022
The CyberPHIx: Meditology Services Podcast
Join us for this episode of The CyberPHIx podcast, where we hear from Morgan Hague. Morgan is the manager of IT Risk Management at Meditology Services and has been in the industry for nearly a decade. He has worked with hundreds of organizations in an advisory capacity helping to assess or audit security functions to drive program maturity. He also leads Meditology’s strategic risk management consulting service line and is a subject matter expert in threat mitigation and risk program development. Topics covered in this session include: A deep dive into...
info_outline The CyberPHIx Roundup: Industry News & Trends, 5/8/23The CyberPHIx: Meditology Services Podcast
The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry. In this episode, our host Britton Burton highlights the following topics trending in healthcare cybersecurity this month: The Changes to HHS 405(d) HICP publication on the top 5 threats and top 10 security practices for healthcare The NIST Cyber Security Framework 2.0 Discussion Draft The riskiest connected medical devices and IoT (including nurse call, infusion pumps, and...
info_outline HITRUST v11 and Third-Party Risk: Insights from HITRUST LeadershipThe CyberPHIx: Meditology Services Podcast
Join us for this episode of The CyberPHIx podcast where we hear from Ryan Patrick, Vice President of Adoption at HITRUST. Ryan works with clients to understand and implement the HITRUST-validated assessments that best suit their organization’s risk profile. Prior to this role, he spent many years as a security practitioner and IT lead in a wide range of organizations from the US Army to Covered Entities to healthcare cybersecurity consulting firms. He has a wealth of practical security experience that informs every discussion about security or HITRUST. ...
info_outline The CyberPHIx Roundup: National Cybersecurity Strategy, 3/22/23The CyberPHIx: Meditology Services Podcast
The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry. Our host Britton Burton spends this entire episode reviewing and analyzing the recently released National Cybersecurity Strategy, including: Summarizing, and in some cases quoting, the key points from the document that are most relevant to healthcare security pros who may have time to listen but not read Analyzing how those key points will affect the healthcare industry in the coming months...
info_outline THE CYBERPHIX ROUNDUP: INDUSTRY NEWS & TRENDS, 2/7/23The CyberPHIx: Meditology Services Podcast
The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry. In this episode, our host highlights the following topics trending in healthcare cybersecurity this month: The Federal Trade Commission’s (FTC) first Health Breach Notification Rule Enforcement action against GoodRx An unsurprising report from OCR on security rule compliance areas that HIPAA-regulated entities need improvement plus the most common remediation actions taken by breached...
info_outline THE CYBERPHIX ROUNDUP: INDUSTRY NEWS & TRENDS, 3/1/23The CyberPHIx: Meditology Services Podcast
The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry. In this episode, our host highlights the following topics trending in healthcare cybersecurity this month: The Federal Trade Commission’s (FTC) first Health Breach Notification Rule Enforcement action against GoodRx An unsurprising report from OCR on security rule compliance areas that HIPAA-regulated entities need improvement plus the most common remediation actions taken by breached...
info_outline The CyberPHIx Roundup: Industry News & Trends, 2/7/23The CyberPHIx: Meditology Services Podcast
The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry. In this episode, our host highlights the following topics trending in healthcare cybersecurity this month: A new National Cybersecurity Strategy coming from the Biden administration in the next few weeks Healthcare cybersecurity legislation with mandatory requirements coming from Senator Mark Warner by the end of 1Q More ChatGPT analysis on malware writing and that it is NOT suitable...
info_outline The CyberPHIx Roundup: Industry News & Trends, 1/16/22The CyberPHIx: Meditology Services Podcast
The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry. In this episode, our host highlights the following topics trending in healthcare cybersecurity this month: New FDA authority granted by December’s omnibus bill is a big step towards better medical device security HITRUST teases their new CSF v11 release CommonSpirit Health class action lawsuit The fallout from the LastPass follow-on breach The possibly similar situation...
info_outline Top 10 Cyber Risk Exposure Trends and Predictions for 2023The CyberPHIx: Meditology Services Podcast
The CyberPHIx is your source for keeping up with the latest cybersecurity news, trends and industry leading practices, specifically for the healthcare industry. In this episode, our host highlights some bold, and some not so bold, predictions for healthcare cybersecurity in 2023. Topics covered include: Continued escalation and evolution of ransomware attacks Our growing dependency on cloud platforms and vendor solutions shifting the attacker’s focus and changing breach trends New baseline expectations for critical infrastructure cybersecurity that could...
info_outline The CyberPHIx Roundup: Industry News & Trends, 12/15/22The CyberPHIx: Meditology Services Podcast
The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry leading practices, specifically for the healthcare industry. In this episode, our host Britton Burton highlights the following topics trending in healthcare cybersecurity this week: OCR releases more detail on their Recognized Security Practices (RSPs) and what they mean for Covered Entities A cool new tool from the FTC for mobile health app developers to quickly determine which security and privacy regulations are in scope for their app Trends in...
info_outlineThe CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry.
In this episode, our host Brian Selfridge highlights the following topics trending in healthcare cybersecurity this week:
- Highlights from the US Senate HELP hearing discussing the threat of cyberattacks on the healthcare industry
- Healthcare and Public Health Sector Coordinating Council (HSCC) releases new incident response checklist
- Ransomware growth causes cyber liability insurance costs to skyrocket
- Cardiologist charged with designing and selling ransomware
- BakerHostetler data security incident response report highlights and analysis
- Vendor risk management trends and associated healthcare breaches
- Solara Medical Supplies proposes a $5 million settlement to resolve class action data breach lawsuit
- CISA Alert: Weak Security Controls and Practices Routinely Exploited for Initial Access
- CISA alerts organizations not to install May security patches on Microsoft domain controllers
- US Department of Health and Human Services (HHS) warning healthcare entities about the aggressive Hive ransomware group
- A look back on the Conti ransomware group’s attacks on 200+ healthcare entities over the last two years
- HHS information on Russian Advanced Persistent Threat (APT) groups and associated analysis