It's critical for hospitals and other firms to not only prepare for how they will respond to a cyberattack but also to consider the regional impact if a neighboring provider of services needed in the community is disrupted by a serious cyber incident, said Margie Zuk of Mitre.
The U.S. healthcare sector needs to closely watch government regulatory and legislative developments involving artificial intelligence, including the European Union AI Act, said Lee Kim, senior principal of cybersecurity and privacy at the Healthcare Information and Management Systems Society.
Healthcare sector organizations need to focus their attention on meeting the "voluntary" essential and enhanced cybersecurity performance goals set out by federal regulators before they become potential mandates, said Kate Pierce, virtual information security officer at Fortified Health Security.
Federal regulators have informed UnitedHealth Group that they have launched a full-fledged investigation into a potential massive compromise of protected health information stemming from the Change Healthcare cyberattack. A potential PHI breach could affect tens of millions of individuals.
Experts told ISMG a final version of the Cybersecurity and Infrastructure Security Agency's self-attestation form for federal software providers takes bold steps to ensure new technologies are made with "secure by design" principles but lacks critical components that should come in future versions.
Cyberattacks hit multiple parts of the business - not just IT. For example, a spam attack on a Singapore bank affected both IT infrastructure and overall business operations, said Chee Lung Yuen, CISO at AIA Malaysia. That's why CISOs need to consider all potential risks, he said.
The vast healthcare ecosystem disruption caused by the recent attack on Change Healthcare, which affected more than 100 of the company's IT products and services, underscores the concentrated cyber risk when a major vendor suffers a serious cyber incident, said Keith Fricke, partner at tw-Security.
Singapore has urged banks to be cautious when using artificial intelligence tools to forecast inflation and to stick to time-tested structural models. The Monetary Authority said banks must learn from the post-pandemic inflation surge, which everyone failed to predict.
First-party fraud hits banks from many different places - credit card fraud claims, bust-out schemes, lending fraud and synthetic identity fraud. The diversity of scams poses major challenges in spotting fraudulent activity, said Frank McKenna, chief strategist and co-founder of Point Predictive.
The Department of Health and Human Services is working on grant programs and other financial programs to help under-resourced healthcare organizations deal with the cybersecurity challenges they're facing, said La Monte Yarborough, CISO and acting deputy CIO at HHS.
The healthcare sector needs a 911-style cyber civil defense system that can help all segments of the industry, including under-resourced groups, to more rapidly and effectively respond to cyberattacks and related incidents, said Erik Decker, CISO of Intermountain Health and a federal cyber adviser.
The Biden administration doesn't propose huge leaps in cybersecurity funding in an annual spending blueprint unveiled Monday afternoon. U.S. federal civilian cybersecurity spending would amount to $13 billion, while the military would spend $14.5 billion.
First-party fraud is largely invisible. It requires financial institutions to overhaul their traditional fraud detection approaches. Unlike more commonly recognized forms of fraud, first-party fraud involves account holders acting deceitfully, which makes detection and prevention more complex.
The Change Healthcare attack is already providing valuable lessons to healthcare firms - mostly about the importance of resilience, especially when it comes to the industry's supply chain and third parties, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency.
UnitedHealth Group expects some key IT systems and services affected by the recent cyberattack on its Change Healthcare unit to regain functionality over the next week to 10 days. Certain pharmacy services are already restored. But the American Medical Association is not impressed.