The Top 20 Security Vulnerabilities Healthcare Organizations Should Address


Written by John Nye; Senior Director, Cybersecurity Research and Communication at CynergisTek

Working in information security for the last decade has taught me one critical lesson: the issues we face are incredibly similar and have barely changed. The good news is most organizations can utilize this knowledge to make themselves significantly more secure with a few fixes. Many of the items on this list have been part of other vulnerability lists. One inspiration was the "CIS Top 20" [1]. This list has been around for nearly a decade and identifies some of the most common IT and information security issues we see every day.

The vulnerabilities below are not in any particular order – all of them are important and should be addressed based on your organization's risk posture and appetite. It is also important to remember none of these action items will help if the remediation efforts are not done with the follow-through and follow-up that is required.

Asset Inventory

Asset inventory can be found on nearly every list of vulnerability fixes. I have seen many organizations attempt this, but I have rarely seen anyone that truly knows all the assets on their network. Many of the issues I discuss further down this list either cause issues with asset inventory efforts or are often left out of these inventories altogether. For example, data – both sensitive and private – is as valuable as the assets that contain it. Other assets that are often missing from inventory lists are Internet of Things (IoT) devices, biomedical devices, and printers, to name a few.

a. Remediation of this issue requires first identifying information assets. One of the quickest ways to identify if there are assets worth investigating further is by running a simple Nmap ping sweep across the entire network IP range or ranges. This will show all the systems you know about and give you a lead on systems that need further investigation.

b. Another important aspect is a well-maintained and frequently updated inventory database that has these systems listed and cataloged. This can be done in a variety of ways from a simple Excel spreadsheet to a feature-rich add-on to some of the service and maintenance management systems like ServiceNow and BMC Remedy.

Insider Threat

Insiders are responsible for a significant portion of breaches. Insider threats may be malicious or completely unintentional, but both require attention. Most insider breaches are caused by phishing, social engineering, or some similar ruse. However, there are cases where corporate espionage or even outright criminal activity such as credit card or identity theft is involved. No organization is safe from this threat, and as healthcare organizations use more third-party business associates and contractors, the pool of potential insider threats grows every day.

Remediation starts with thoroughly training staff in terms and methods that resonate with them. Awareness training and the creation of a strong culture of security in your organization are the best ways to thwart unintentional and malicious insider threats. One of the most important aspects of any organization's awareness training program is that it is customized not only to reflect the organization's culture but also to mesh with that culture.
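An added example (not from the original article) for remediation steps a and b under Asset Inventory: it reconciles the hosts reported by an Nmap ping sweep in grepable form (`nmap -sn -oG -`) against an inventory exported as CSV. The sweep output, addresses, hostnames and CSV columns are constructed sample data, and the function names are assumptions.

```python
import csv
import io
import ipaddress
import re

# Constructed sample of grepable ping-sweep output (not real scan data).
SWEEP_OUTPUT = """\
# nmap -sn -oG - 10.20.0.0/24
Host: 10.20.0.5 (ehr-app01.example.org)\tStatus: Up
Host: 10.20.0.17 ()\tStatus: Up
Host: 10.20.0.42 (infusion-pump-3.example.org)\tStatus: Up
Host: 10.20.0.99 ()\tStatus: Up
"""

# Constructed inventory export, e.g. a spreadsheet saved as CSV.
INVENTORY_CSV = """\
ip,asset_type,owner
10.20.0.5,server,IT Operations
10.20.0.42,biomedical device,Clinical Engineering
10.20.0.60,printer,Facilities
"""

HOST_UP = re.compile(r"^Host:\s+(\S+)\s+\((.*?)\)\s+Status:\s+Up\b")

def parse_sweep(text):
    """Return {ip: hostname} for every host the sweep reported as up."""
    matches = (HOST_UP.match(line) for line in text.splitlines())
    return {ipaddress.ip_address(m.group(1)): m.group(2) for m in matches if m}

def load_inventory(text):
    """Return {ip: row} from the inventory CSV, skipping malformed addresses."""
    rows = {}
    for row in csv.DictReader(io.StringIO(text)):
        try:
            rows[ipaddress.ip_address((row.get("ip") or "").strip())] = row
        except ValueError:
            continue  # blank or mistyped address: cannot be matched to a host
    return rows

def reconcile(sweep_text, inventory_text):
    """Return (live hosts missing from inventory, inventory entries not seen)."""
    live, known = parse_sweep(sweep_text), load_inventory(inventory_text)
    unknown = sorted(ip for ip in live if ip not in known)
    silent = sorted(ip for ip in known if ip not in live)
    return [str(ip) for ip in unknown], [str(ip) for ip in silent]

if __name__ == "__main__":
    unknown, silent = reconcile(SWEEP_OUTPUT, INVENTORY_CSV)
    print("Live but not in inventory (investigate):", unknown)
    print("In inventory but silent during sweep:", silent)
```

A device that does not answer ping probes lands in the second list, so an entry there is a prompt to verify the asset, not evidence that it has been retired.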
