Ten ways to mitigate security risks in healthcare

Shaun NicholsMarch 5, 2025

A recent report from CyberRisk Alliance Business Intelligence outlines ten key strategies to mitigate these security risks in healthcare. Implementing these measures can significantly strengthen an organization’s cybersecurity posture and reduce vulnerabilities.

Close-up of stethoscope on a circuit board with blue lights, symbolizing the intersection of technology and healthcare for diagnostic solutions.

Vulnerability Management

Backdoor in Contec CMS8000 monitors may allow faulty patient readings

Steve ZurierJanuary 31, 2025

Agencies say firmware backdoor can cause an RCE, which could result in faulty readings on patients’ vital signs.

Ransomware

Toll in 2024 Change Healthcare breach hits nearly 190 million Americans

Steve ZurierJanuary 27, 2025

Jan. 24 update from UnitedHealth indicates February 2024 ransomware breach has nearly doubled.

Cyberattack on Change Healthcare was an exploit of the ConnectWise flaw

Security Strategy, Plan, Budget

How robust downtime procedures strengthen healthcare cybersecurity

Toby Gouker January 24, 2025

A mix of robust downtime procedures with business continuity is just what the doctor ordered.

Governance, Risk and Compliance

HIPAA Updates Loom as Healthcare Breaches Boom: Prevent and Protect with Microsegmentation

António VasconcelosJanuary 14, 2025

The HHS proposal reinforces that segmentation isn’t optional, it’s essential.

Cloud Security

Four ways we can deliver stronger healthcare cloud security

Evan Anderson December 13, 2024

This year’s HHS cybersecurity audit pointed out the need for stronger cloud security at federal healthcare agencies and numerous hospitals nationwide.

Network Security

Change Healthcare breach affected 100 million Americans

Steve ZurierOctober 25, 2024

Change Healthcare breach viewed as the largest healthcare breach in history.

Government Regulations

When it comes to solving the ongoing cybersecurity crisis in healthcare, don’t bet on Congress

Toby Gouker September 23, 2024

Look for large state governments like New York to lead the way in addressing many of healthcare’s cybersecurity issues, not Congress.

AI technologies in enhancing healthcare data security.

Ransomware

Vanilla Tempest leverages INC ransomware to target healthcare sector

Steve ZurierSeptember 19, 2024

The tactics used by Vanilla Tempest such as lateral movement via RDP are not novel – but attacks on healthcare by yet another ransomware strain complicates the picture.

Cloud Security

What security teams need to know about HIPAA compliance in the cloud

Shira ShambanSeptember 12, 2024

The three elements of HIPAA compliance in the cloud include data discovery, encryption and strong access control and identity management.

Industry Regulations

Time to finally get serious about stopping the attacks on the healthcare supply chain

Toby Gouker August 21, 2024

The healthcare supply chain has been under attack for the last decade – it will take a national effort to keep our medical systems secure.

Ten ways to mitigate security risks in healthcare

Backdoor in Contec CMS8000 monitors may allow faulty patient readings

Toll in 2024 Change Healthcare breach hits nearly 190 million Americans

How robust downtime procedures strengthen healthcare cybersecurity

HIPAA Updates Loom as Healthcare Breaches Boom: Prevent and Protect with Microsegmentation

Four ways we can deliver stronger healthcare cloud security

Change Healthcare breach affected 100 million Americans

When it comes to solving the ongoing cybersecurity crisis in healthcare, don’t bet on Congress

Vanilla Tempest leverages INC ransomware to target healthcare sector

What security teams need to know about HIPAA compliance in the cloud

Time to finally get serious about stopping the attacks on the healthcare supply chain

In Brief

Founder of e-commerce firm hit with fraud charge for lying about AI tech

Black Basta-like Microsoft Teams phishing leads to novel backdoor

Palo Alto confirms brute-force attacks on PAN-OS GlobalProtect gateways

Identity is the new security architecture, says former CISA director Easterly

Microsoft warns how domain controllers can be used to spread ransomware

SC Health

Ten ways to mitigate security risks in healthcare

Backdoor in Contec CMS8000 monitors may allow faulty patient readings

Toll in 2024 Change Healthcare breach hits nearly 190 million Americans

How robust downtime procedures strengthen healthcare cybersecurity

HIPAA Updates Loom as Healthcare Breaches Boom: Prevent and Protect with Microsegmentation

Four ways we can deliver stronger healthcare cloud security

Change Healthcare breach affected 100 million Americans

When it comes to solving the ongoing cybersecurity crisis in healthcare, don’t bet on Congress

Vanilla Tempest leverages INC ransomware to target healthcare sector

What security teams need to know about HIPAA compliance in the cloud

Time to finally get serious about stopping the attacks on the healthcare supply chain

In Brief

Founder of e-commerce firm hit with fraud charge for lying about AI tech

Black Basta-like Microsoft Teams phishing leads to novel backdoor

Palo Alto confirms brute-force attacks on PAN-OS GlobalProtect gateways

Identity is the new security architecture, says former CISA director Easterly

Microsoft warns how domain controllers can be used to spread ransomware