According to a 2023 report by the US Cyber Threat Intelligence Integration Center, the number of cyberattacks on the healthcare sector doubled in 2023 from the year prior. So far in 2024, that accelerating trajectory shows no sign of slowing down.
The incident at Change Healthcare, and the downstream impact it had on the entire healthcare sector, was yet another wake-up call for the industry. We need to do more to protect vital healthcare infrastructure and the ecosystem that depends on it. However, with healthcare revenues under pressure and operational costs rising, healthcare organizations are struggling to dedicate resources to cybersecurity.
In light of that, many have wondered whether the government has a role to play in healthcare cybersecurity.
To get an answer to that question, and to several others about the cybersecurity challenges facing healthcare, we asked Ty Greenhalgh, Industry Principal at Medigate by Claroty. Here are his responses.
What role does the government have, if any, when it comes to healthcare cybersecurity?
The government maintains a balance in healthcare cybersecurity by enforcing regulations like the Health Insurance Portability and Accountability Act (HIPAA) to safeguard patient data, while also providing guidance, resources, and support to help organizations improve their security. It avoids over-regulation by promoting industry best practices and allowing flexibility in compliance, ensuring accountability through penalties and incident response coordination to prevent breaches without hindering innovation or overloading providers.
Recently, the U.S. Department of Health and Human Services (HHS) launched a $50 million program to enhance cybersecurity tools for hospitals, addressing the urgent need to counter digital threats in the healthcare sector. This initiative is part of a broader government effort to bolster healthcare cybersecurity through various means, including funding, regulation, prevention, and coordination.
Agencies like HHS and the Cybersecurity and Infrastructure Security Agency (CISA) play crucial roles by providing guidelines and regulatory frameworks, such as the Healthcare and Public Health (HPH) Cybersecurity Performance Goals (CPGs). These guidelines help organizations improve their cybersecurity posture with actionable measures and best practices.
The government also supports cybersecurity advancements and research through programs like the Cybersecurity Grant Program. Efforts to prevent cyber threats include promoting best practices, conducting threat assessments and fostering public-private partnerships for intelligence sharing and coordinated responses.
By establishing regulations and offering resources, the government aims to strengthen the cybersecurity defenses of healthcare organizations and protect sensitive patient information.
What other information would be helpful to disclose in a healthcare breach notification so that there is more knowledge shared that could lead to improvements across the healthcare industry? (For example, retailers share theft data to help curb losses across their industry)
Providing detailed information about the attack vector, including how the breach occurred—whether through phishing, ransomware, or vulnerabilities in devices or software—would be beneficial. This should encompass the initial point of entry, how the attacker moved laterally through the network, and a timeline that covers the breach, the response actions taken, and when the situation was resolved.
It would also be important to address any delays in detection and their causes. Identifying which systems were compromised, such as EHRs, patient portals, financial systems, email, or IoT devices, is crucial.
In addition to notifying affected individuals, healthcare breach notifications could benefit from including detailed information on the nature and scope of the breach, such as the specific vulnerabilities exploited, and the types of data compromised.
Transparency about how the breach occurred, including the tactics and techniques used by attackers, would provide valuable insights for other healthcare providers to bolster their own security measures.
Including information on the response actions taken, lessons learned, and the steps being implemented to prevent future breaches could also aid in improving industry-wide practices. Just as retailers analyze thefts to enhance security measures, sharing such comprehensive details can help other organizations identify and address similar vulnerabilities, strengthening overall cybersecurity resilience across the healthcare sector.
What are two signs that a healthcare organization may need a third party cybersecurity partner?
Two key signs that a healthcare organization may need a third party cybersecurity partner include a lack of in-house expertise and a high volume of security incidents. A major risk to the healthcare sector is the shortage of skilled cyber talent, which can leave organizations vulnerable to attacks. If an organization struggles to maintain a team with specialized skills in cybersecurity or if its existing staff is overwhelmed by the complexity and volume of cyber threats, engaging a third party partner can provide the necessary expertise and resources.
Additionally, frequent security incidents or breaches may indicate inadequate internal security measures, making it prudent to seek external support to enhance defenses, manage incident responses, and implement robust security protocols.
Considering recent incidents, like the one at UnitedHealth Group’s Change Healthcare unit, what are the primary challenges healthcare providers face in managing breach notifications internally, and how might delegating this responsibility to third parties alleviate these burdens?
Healthcare providers face several primary challenges in managing breach notifications internally, including the administrative burden, resource constraints and the need for timely and accurate communication. The process of identifying affected individuals, preparing and sending notifications, and addressing follow-up inquiries can be both time-consuming and costly, diverting resources away from patient care and core functions.
Additionally, the cost and resources necessary for breach notifications further strain already under-resourced organizations, impacting their ability to bolster security practices and defenses. Delegating this responsibility to the third parties who are the source of the breach can help alleviate these burdens.
These third parties are often equipped with specialized expertise and streamlined processes for handling notifications efficiently. They can ensure compliance with regulatory requirements, reduce the administrative load on healthcare staff, and allow providers to focus on remediation and improving their cybersecurity posture.
Given the specialized expertise required for effective breach notifications and the strain on healthcare resources, what are the key advantages of having third party entities manage and coordinate breach notifications, particularly in terms of regulatory compliance and maintaining patient trust?
Having third party entities manage and coordinate breach notifications offers several key advantages, particularly in terms of regulatory compliance and maintaining patient trust. Third party experts bring specialized knowledge and experience to handle notifications in a manner that meets regulatory requirements and minimizes legal risks.
They can efficiently manage the complex and time-sensitive aspects of breach communications, ensuring that notifications are accurate and timely. Moreover, third parties can provide clear and consistent communication, helping to maintain patient trust and transparency during the breach resolution process.
By handling these responsibilities, third parties enable healthcare providers to focus on their primary mission of patient care while ensuring a professional and compliant response to security incidents.
Learn more about Claroty at https://claroty.com/
Tags: Claroty, Healthcare Cybersecurity, Healthcare IoT, Healthcare Ransomware, HIPAA, IoT, Ransomware, Ty Greenhalgh