Aug 17

2017

It’s Always Sunny in Philadelphia

By Great Bay Software

It’s Always Sunny in Philadelphia

Healthcare Informatics, an-online publication, hosts a series of Health IT Summits across the country. We just returned from the Philadelphia Conference. We had many opportunities to network with industry experts, and IT professionals. Our team benefited from gaining more knowledge about specific IT security challenges. In the Great Bay Software booth we found enthusiastic interest in our products and solutions. Friday sessions were solely focused on cybersecurity and we found that the keynote and panel speakers were directly speaking to the business challenges that we aim to help solve for our clients.

Do You Have a Security Framework?

One panel in particular, “Practical Tips for Creating a Cybersecurity Framework that Meets Your Privacy Standards”, resonated with many attendees. Long title – but true to its description. A quick rundown of the “do’s” and “don’ts”:

 

  • Don’t rely on “checkbox compliance” alone. It will not maximize your security.
  • Don’t simply march towards HIPPA compliance – it’s not enough.
  • Do have annual technical and non-technical risk assessments and conduct penetration testing.
  • Do allow for self-assessments and audits.
  • Don’t allow your security strategy to stagnate. The constantly changing threat landscape requires a framework that can evolve and adapt.
  • Do conduct IT security workforce development to build-up the required skills. Train the incident response team deeply so they are ready immediately if an attack/breach does occur.
  • Don’t keep employees in the dark. Make sure they are trained and know how to respond if something goes wrong – either through internal errors or external attacks.
  • Do maximize your funding by creating models that demonstrate how security investments are being controlled and managed. Inform your CIO about the threats your spending targets and the expected results.
  • Finally, do leverage existing models such as from CIS and HITRUST in order to create your model and framework.

 

What’s Important? What’s Enough?

 

A constant theme was about how much security is enough and how do to address security without interrupting workflow. While 0% risk is never going to be possible, evolving technologies and applications – such as IoMT – require innovations in security solutions.

 

Another hot topic at the Health IT Summit was around the importance of understanding your organization’s top risks and top assets. And for many security professionals their biggest security threats were medical devices and personal email. Take note that the number #1 CIS security control is the inventory of authorized and unauthorized devices.

 

Great Bay Software is focused on tackling security risks in the healthcare segment. Our Beacon Software Suite enables you to know and trust what’s connected to your network. Learn how our solutions can discover, profile and control all of your endpoints – and become a key part of your security framework.

Why the Healthcare Industry is the Top Target for Data Breaches

Report | SANS Healthcare Provider Breaches 

Minimizing Network Security Risks Created by Medical Devices Whitepaper

 

Comments

Related Posts

Nov 30

2017

Medical Device Security Needs an Infusion. Stat.

Medical devices have a profoundly positive impact on the quality of healthcare. Whether stationary, bedside or portable, they improve patient experience and outcomes, accelerate recovery times and...

Aug 10

2017

Is Your IoMT Security Keeping up with Regulatory Mandates?

Securing healthcare networks and devices is not just critical to operational continuity but to regulatory compliance as well. Compliance can be a veritable alphabet soup of mandates: HIPAA mandates...

Aug 02

2017

How’s the Health of Your Security Budget?

A recent Harvard Business Review article1 reminds us that the healthcare sector is the most heavily-targeted vertical industry. Read more in our earlier “Top Target” post. In 2016, more than 25% of...

Subscribe to Blog Updates