Healthcare Information Security Podcast

The 2019 RSA Conference offers an opportunity to learn about new concepts across all aspects of cybersecurity. One such area is "data gravity," which will be the topic of a session featuring Microsoft's Diana Kelley and Sian John. They discuss the concept in a joint interview.

As more hospitals seek new methods for collecting payments from patients, they face the challenge of securing those transactions, says Dan Berger of AxiaMed, who describes HIPAA and PCI compliance issues in an interview at the HIMSS19 conference.

The good news for security leaders: Because of SSL/TLS, nearly every bit of web data in transit is now encrypted. The bad news: Threat actors are now masking their attacks inside of encrypted traffic. Kevin Stewart of F5 Networks explains why network visibility is not enough to detect these attacks.

The HHS Office for Civil Rights is paying particular attention to complaints involving patients' access to their health information; it's also focusing on investigations of organizations with patterns of HIPAA noncompliance, Nick Heesters of the agency explains in an interview at the HIMSS19 conference.

Many healthcare organizations are falling short in their incident response plans, says Mark Dill, principal consultant at tw-Security. The former director of information security at the Cleveland Clinic discusses best practices for keeping those programs current in an interview at the HIMSS19 conference.

Medical device cybersecurity risks should be viewed as an enterprise problem, say Tracey Hughes of Duke University Health Systems and Clyde Hewitt of security consultancy CynergisTek, who outline critical security steps.

What are some of the hottest issues that will be discussed at this year's RSA Conference, to be held March 4-8 in San Francisco? Britta Glade, content director for the world's largest data security event, says DevSecOps - as well as third-party risk and cloud-related issues - are emerging as key themes.

Listen to the latest on security's role in digital transformation, as well as cultural and leadership challenges facing the security industry.

Analytics, artificial intelligence and machine learning are increasingly playing promising roles in healthcare data security, say Ron Mehring, CISO at Texas Health Resources, a large delivery system, and Axel Wirth of Symantec, a technology vendor. They were featured speakers at the HIMSS19 conference.

Healthcare organizations should steer clear of connecting internet of things devices to their networks unless they serve a precise medical purpose, says attorney Julia Hesse, a featured speaker at the HIMSS19 Conference.

The latest edition of the ISMG Security Report features a summary of alarming new findings about the ability of the U.S. to counter a nation-state malware attack. Plus, a discussion of "fusion centers" at banks and an update on the targeting of Webstresser subscribers.

As cybersecurity threats in the healthcare sector evolve, medical device manufacturer ICU Medical is taking a number of steps to help safeguard its products. Chaitanya Srinivasamurthy and Marshall Fryman of the company describe these security initiatives.

Listen to the latest on strategies for protecting the digital enterprise against emerging threats.

Fraud incidents and losses have remained steady or increased in the past year, according to ISMG's latest Faces of Fraud Survey. And the biggest fault of banking institutions' current anti-fraud controls: They rely too much on manual processes. Mike Lopez of survey sponsor Cyxtera Technologies analyzes the results and how to use them.

The latest edition of the ISMG Security Report features an update on what U.S. intelligence chiefs told Congress this week about persistent nation-state cyberthreats, plus reports on evasion tactics used by cryptocurrency money launderers and what government CIOs have to say about security funding.

Improved integration, automation and orchestration are needed to better detect and respond to evolving cyberthreats, says John Maynard, vice president and global security specialist at Cisco Systems.

Endpoint detection and response tools and other related security technologies are critical weapons for defending against cyberattacks, says Larry Whiteside, the new CISO at Greenway Health, an electronic health records company.

Despite the value of cryptocurrency plummeting since 2017, cybercriminals and rogue nations are still using it to launder funds. One recently discovered scheme designed to evade AML detection is "crypto dusting," according to CipherTrace's Dave Jevans.

Sophos is out with new reports on Matrix and Emotet, two different types of cyberattacks that are hitting enterprise defenses. Matrix is a targeted ransomware, an emerging type of attack Sophos expects to gain prominence, and Emotet is malware that has evolved over the years into an opportunistic, polymorphic threat that can wreak havoc in many different ways. How do these threats work, and how should you bolster your defenses? Sophos researcher John Shier offers his expertise.

Around the world, many CIOs at various levels of governments expect an increase in cybersecurity spending in 2019, according to new research from Gartner. Alia Mendonsa, co-author of the report, analyzes the results of a global survey.