From Reactive to Proactive: Transforming Healthcare Cybersecurity Post-Change Healthcare Attack

Change Healthcare, a major player in the healthcare technology sector, fell victim to a ransomware attack in February and is quickly heading towards a billion dollars in losses. The breach disrupted its operations and potentially compromised sensitive patient data. The attackers, ALPHV, also known as BlackCat and Noberus, exploited vulnerabilities in the company’s IT infrastructure, likely through phishing emails or other means, to gain unauthorized access to its systems. This breach not only posed a significant threat to patient privacy but also raised concerns about the integrity of healthcare data and the reliability of essential services.

In healthcare, where interconnected IT, operational technology (OT), and Internet of Things (IoT) networks are the norm, it’s inhumanly difficult to understand the whole attack surface. This is why experts and regulators advise adopting a proactive approach to security, with best practices including segmentation: keeping separate things apart so that an attacker cannot easily spread from one place to another. Defenders of healthcare networks need automated assessment of their defensive posture to uncover gaps and ensure good hygiene ahead of the next attack.

Healthcare administrators must fortify network infrastructure with stringent policies, including robust password enforcement, firewall configurations, and access controls. Vigilant monitoring and configuration of all connected devices, from medical equipment to personal devices, are imperative. Employing strong encryption further enhances data security, deterring cyber intrusions.

Another best practice is implementing a framework such as NIST or MITRE ATT&CK as part of your comprehensive cyberdefense efforts. Take, for example, another high-growth healthcare organization. With 20,000 clinicians and 150,000 medical devices to manage, a proactive approach to network visibility and vulnerability prioritization is critical. As cyberattacks have become more sophisticated, healthcare organizations must be proactive and adopt best practices to, as this health system’s cybersecurity expert put it, “prepare the battle space.” In addition to having a dynamic map of its environment, the health system relies on the MITRE ATT&CK (adversarial tactics, techniques, and common knowledge) framework, a comprehensive knowledge base that gives security personnel key insights into attacker behavior and techniques, to help it prevent potential attacks and keep patient information, payment information, and other key data secure.

Regular attack surface scans are essential for proactive risk mitigation, providing crucial insights for informed decision-making in cybersecurity strategy development. Prioritizing rigorous testing of all software and device updates is crucial to preempt vulnerabilities.

Secure your healthcare network comprehensively with RedSeal. Our network exposure analytics platform offers dynamic visualization of network ecosystems, empowering organizations to identify and address vulnerabilities efficiently. Partnering with leading infrastructure suppliers, we deliver unparalleled network security solutions and professional services, ensuring robust protection against evolving threats.

Reach out to RedSeal or schedule a demo today.

Strengthened Cybersecurity Regulations in New York: What It Means for Businesses

In an ever-evolving digital landscape, cybersecurity remains a paramount concern for individuals and businesses alike. New York’s Department of Financial Services (DFS) has recently taken a significant step forward in addressing these concerns by issuing updated and strengthened cybersecurity regulations. These new regulations build upon the foundation laid out in 2017 and introduce several key changes to enhance cybersecurity measures and safeguard sensitive data. As leaders in network exposure analytics, we’re here to shed light on the implications of these regulations, what they mean for businesses of all sizes, and how to prioritize security by reducing vulnerability.

Three tiers for different companies 

One of the notable changes in these updated regulations is the introduction of a tiered approach for companies. These tiers classify companies based on their size, with specific requirements tailored to size and cybersecurity capabilities. Companies with fewer than 20 employees and less than $5 million in gross annual revenue over the last three years will be subject to fewer cybersecurity requirements. This more nuanced approach acknowledges that smaller companies may have different cybersecurity capabilities and resources compared to larger enterprises. 

Enhanced governance and access control 

The new regulations place significant emphasis on governance and access control. Companies will now be required to implement enhanced governance measures to ensure the protection of sensitive data. Additionally, there are new controls in place to prevent unauthorized access to systems and mitigate the spread of cyberattacks. This is a crucial step in fortifying the first line of defense against potential breaches. 

Regular risk assessments and incident response 

Risk assessment is a fundamental component of any robust cybersecurity strategy. The updated regulations mandate more regular risk and vulnerability assessments, reflecting the ever-changing nature of cyber threats. Moreover, companies must strengthen their incident response, business continuity, and disaster recovery planning. This ensures that businesses are prepared to handle and recover from cyber incidents efficiently, minimizing the potential impact on operations and data integrity. 

Ransomware reporting 

Ransomware attacks have become a growing concern for organizations worldwide. Regulations issued in New York now require companies to report ransomware payments. This change is in line with the broader effort to increase transparency and help law enforcement agencies track and combat ransomware threats effectively. 

Investment in training and awareness 

One of the most critical aspects of cybersecurity is human behavior. To strengthen this front, the regulations direct companies to invest in at least annual training and cybersecurity awareness programs. These programs should anticipate social engineering attacks, which often target employees as the weakest link in a company’s cybersecurity defenses. 

Looking ahead 

New York’s updated cybersecurity regulations raise the bar for cyber resilience. By providing a tiered approach that recognizes the diversity of businesses, enhancing governance and access controls, emphasizing regular risk assessments, and promoting cybersecurity awareness, these regulations aim to protect businesses and individuals from the ever-present threat of cyberattacks. 

While these regulations mark a significant step forward in bolstering cybersecurity, businesses must also stay proactive in adapting to emerging threats. Being proactive with vulnerability prioritization is essential for any organization to effectively manage and mitigate cybersecurity risks. 

Cybersecurity is an ongoing process, and compliance with regulations is just the beginning. Will other states follow New York’s lead? RedSeal will watch and report should any additional states update cybersecurity regulations. 

RedSeal recommends organizations transition from defensive to proactive security. Businesses should continually assess their security posture, stay informed about the latest threats, and invest in comprehensive cybersecurity solutions to ensure they remain protected in an increasingly digital world.

Reach out today for more information on how RedSeal can support your business with proactive vulnerability prioritization.