Hospitals are where people go to seek treatment, recover, and address critical injuries. It is the place where doctors, nurses, and other healthcare providers devote themselves to helping people who need medical attention. In addition to this critical focus, a hospital also has to protect against unauthorized access, theft of medications or sensitive patient information, and guard against workplace violence, which affects hospitals more than other industries. At the same time, they must maintain a level of accessibility and openness, which presents difficulties as it relates to security.
Hackers will always exploit a crisis, and the coronavirus outbreak is no different. Since January, cybercriminals have leveraged the COVID-19 pandemic to stage all manner of cyberattacks, from ransomware take-overs of hospital systems to private network hacking. But the latest cybercrime scheme exploits the greatest cybersecurity vulnerability of all: human emotion.
Threat actors launched a cyberattack against the Texas Office of Court Administration, the IT provider for many Texas courts, and encrypted their computer systems with ransomware, leaving those systems useless. Cognizant, which has a large presence in Dallas-Fort Worth and is one of the world’s largest and most sophisticated providers of information technology services for other companies, was hit with ransomware with losses currently estimated between $50 million and $70 million.
There is a trade-off between technology innovation and security. The adoption of emerging technologies like 5G will fuel the proliferation of Internet of Things (IoT) which are often built with basic security controls, creating a larger attack surface. At the same time, reliance on data means that data breaches can cause greater damage.
The new NIST standards for IAST and RASP are a testament that outside-in AppSec approaches are antiquated, inefficient, and ineffective. Security instrumentation is more than a paradigm shift of the future—it is an opportunity for today.
Although it is tempting to think of breaches as being exclusively caused by malicious cybercriminals hacking corporate networks, the truth is that a significant portion are caused—or least facilitated—by insiders.
Outsourcing has become a vital part of most business strategies. Not only is it a way to save money, but it’s a simple way to take advantage of expertise you might not currently have in house. But outsourcing can also leave companies vulnerable if the third-party doesn’t have proper cybersecurity procedures.
The pandemic has exposed deeper, more significant cracks in enterprise security. As companies plan for a phased return to normal operations, it’s imperative that they are aware of these vulnerabilities and make addressing them a central part of their coronavirus response.
RSS
