Posted on Aug 31, 2015
Did you know 13% of healthcare organizations are targeted by external cyber attacks at least once a day?
5.8K
21
22
5
5
0
Did you know 13% of healthcare organizations are targeted by external cyber attacks at least once a day? Check out the statistics
RP members do we have a problem with the safeguarding of our medical information in the civilian world or what?
With the cost of healthcare rising, will protecting confidential information cause expenses to go higher?
http://www.beckershospitalreview.com/healthcare-information-technology/13-of-healthcare-organizations-targeted-by-external-cyberattacks-at-least-once-a-day.html
SFC Mark Merino SGM Steve Wettstein CH (MAJ) William Beaver PVT James Strait SMSgt Tony Barnes CSM Michael J. Uhlig MAJ Ken Landgren CPT Jack Durish PO1 John Miller SN Greg Wright Sgt Kelli Mays TSgt Julia Faulks] SSgt (Join to see) TSgt Hunter Logan SGT Sara Hodgkiss CPT (Join to see) MAJ Robert (Bob) Petrarca Sgt Aaron Kennedy, MS SSG James J. Palmer IV aka "JP4"SGT Ben Keen
RP members do we have a problem with the safeguarding of our medical information in the civilian world or what?
With the cost of healthcare rising, will protecting confidential information cause expenses to go higher?
http://www.beckershospitalreview.com/healthcare-information-technology/13-of-healthcare-organizations-targeted-by-external-cyberattacks-at-least-once-a-day.html
SFC Mark Merino SGM Steve Wettstein CH (MAJ) William Beaver PVT James Strait SMSgt Tony Barnes CSM Michael J. Uhlig MAJ Ken Landgren CPT Jack Durish PO1 John Miller SN Greg Wright Sgt Kelli Mays TSgt Julia Faulks] SSgt (Join to see) TSgt Hunter Logan SGT Sara Hodgkiss CPT (Join to see) MAJ Robert (Bob) Petrarca Sgt Aaron Kennedy, MS SSG James J. Palmer IV aka "JP4"SGT Ben Keen
Cyber
Big Data
Health
Privacy
Computers
Edited 9 y ago
Posted >1 y ago
Responses: 10
2
2
0
I wouldn't be surprised if it was higher. Those would be considered "detected" attacks. Not mentioning unknown backdoors and attempting to physically compromising the organization.
(2)
(0)
1
1
0
COL Mikel J. Burroughs
CPT (Join to see) I believe it is and there are number of smaller institutions as well as big ones that don't let the public know (bad press). Just a guess and my opinion!
(0)
(0)
1
1
0
COL Mikel J. Burroughs
It's really not that difficult to protect and harden healthcare IT systems. No more so than other types of IT systems.
In fact, it should be cheaper. Since more and more people are becoming IT professionals, salaries are going down since more people have the same skill sets.
It's really not that difficult to protect and harden healthcare IT systems. No more so than other types of IT systems.
In fact, it should be cheaper. Since more and more people are becoming IT professionals, salaries are going down since more people have the same skill sets.
(1)
(0)
1
1
0
This is rather staggering statistic, but given the current state of affairs with cyber attacks become the norm in the news I am not surprised.
(1)
(0)
1
1
0
I suspect any and all organizations and individuals are targeted as much. Welcome to the 21st Century.
(1)
(0)
COL Mikel J. Burroughs
PO1 William "Chip" Nagel It is something we as a nation across all industries need to be aware of and start taking measures to protect PII and critical information. This seems to be a big area for IT personnel and that part of the workforce. It's also a big cost to all industries that will drive costs passed to the consumer up as well over time. I'm sure we are feeling it with products today and don't even realize it. Just a guess, I don't know for sure, but being in business all these years, the price of goods you are manufacturing will have to obsorb all interal fixed and variable expenses some how!
(0)
(0)
PO1 William "Chip" Nagel
21 years as a Military Electronic and Information Warrior (Before CyberWarfare) and before that I was Punk Kid BlackBox Man/Capt't Cruncher Pre Hacker. Good Cautionary Advice Col Mikel Burroughs.
(0)
(0)
(0)
(0)
PO1 William "Chip" Nagel
Also since old habits die hard. I am an Honorary Member of a group of what you might call "Hackers" that infiltrate Racist Facebook Pages and Flip them. Because we love to Post Goats. You might call us the Goat Squad.
(0)
(0)
1
1
0
1
1
0
I believe it is higher than 13 percent. I have found that getting companies and organizations to do security compliance is always a challenge because they dont take it seriously until there is a breach or loss of data. I am a SISO and my friends in the field joke that we will say employed as long as CFO's are cheap.
Security costs to implement. But it costs on average 3 - 5 times more after an incident or compromise. Until the bean counters get that fact there will continue to be serious issue of data loss. No network is 100 percent safe but if you could get companies to just implement better data security it would help immensely.
What I belive would help in changing the security focas of the health industy is patient asking about the protection of their PII. Ask where all of that paperwork with everything to steal your identity goes. Ask how your doctor office protects it. They should be protecting your SSN the same way they protect diagnoses from being disclosed.
Security costs to implement. But it costs on average 3 - 5 times more after an incident or compromise. Until the bean counters get that fact there will continue to be serious issue of data loss. No network is 100 percent safe but if you could get companies to just implement better data security it would help immensely.
What I belive would help in changing the security focas of the health industy is patient asking about the protection of their PII. Ask where all of that paperwork with everything to steal your identity goes. Ask how your doctor office protects it. They should be protecting your SSN the same way they protect diagnoses from being disclosed.
(1)
(0)
COL Mikel J. Burroughs
PO1 Sojourner "Chancy" Phillips You are most likely right. This was just a survey and surveys can be off by some pretty good percentages! Thanks for sharing your information
(0)
(0)
COL Ted Mc
PO1 Sojourner "Chancy" Phillips - PO; The (security) rule is "You can have all the security that you are willing to pay for.". The (accounting) rule is "You shouldn't pay more to prevent an incident than you would pay if it happened.". The (insurance) rule is "You will be charged enough so that even if we have to pay out every dime in coverage that your policy provides for we will STILL make a profit - and if we can't make it off you then we are going to charge everyone else even more so that we can make it off them.".
By and large, I suspect that "industries under threat" would be better off to pool their financial resources to fund "preventive measures" than they would be dispersing their financial resources so that insurance companies could make a profit. [This sentiment does NOT make me any friends amongst the insurance community - which would like you to forget that it got it's start when people pooled their resources to fund PREVENTIVE measures rather than RESTORATIVE measures (except for "shipping insurance" where you were ALWAYS playing with a deck that the house had stacked against you).]
By and large, I suspect that "industries under threat" would be better off to pool their financial resources to fund "preventive measures" than they would be dispersing their financial resources so that insurance companies could make a profit. [This sentiment does NOT make me any friends amongst the insurance community - which would like you to forget that it got it's start when people pooled their resources to fund PREVENTIVE measures rather than RESTORATIVE measures (except for "shipping insurance" where you were ALWAYS playing with a deck that the house had stacked against you).]
(1)
(0)
PO1 Sojourner "Chancy" Phillips
COL Ted Mc I can only dream that companies/agencies will fund preventative measures. That is the biggest battle. Getting bean counters to have a proactive and not reactive mindset.
(0)
(0)
COL Ted Mc
PO1 Sojourner "Chancy" Phillips - PO; The thing to remember is that what bean counters do is count beans and then compare the number of beans in "Pile A" with the number in "Pile B". The other thing to remember is that the bean counters can only make a guess as to how many beans there are in "Pile B".
Have you tried asking them how sure they are of what the actual cost of losing the lawsuit that is going to come as surely as the sun will rise in the East if they don't take the steps that are being recommended to prevent the occurrence of the type of incident being discussed? Have you documented it? Have you told them how devastating it is going to be to their defence when the fact that it was documented comes out - as it most surely will when the Plaintiffs make their demand for document discovery?
You can't convince them, but you sure can scare the hell out of them.
Have you tried asking them how sure they are of what the actual cost of losing the lawsuit that is going to come as surely as the sun will rise in the East if they don't take the steps that are being recommended to prevent the occurrence of the type of incident being discussed? Have you documented it? Have you told them how devastating it is going to be to their defence when the fact that it was documented comes out - as it most surely will when the Plaintiffs make their demand for document discovery?
You can't convince them, but you sure can scare the hell out of them.
(1)
(0)
1
1
0
By mandating all medical records be electronic, obamacare gave hackers/identity thieves a new target that has a lot of personal data.
(1)
(0)
1
1
0
No I did not know that 13% of healthcare organizations are targeted by external cyber attacks at least once a day COL Mikel J. Burroughs.
More interesting would be information on how effective in terms of penetration, delay in detection, whether it was a penetration, or access and retrieval, or all of the preceding plus infection of the system with malware, etc. How many companies are targeted multiple times successfully versus unsuccessfully? Is the cyber intelligence community sharing information with healthcare organizations to reduce vulnerability? How many of these are red team attacks?
I pose these questions here for discussion purposes. The answers to my questions should never be posted on this network :-)
More interesting would be information on how effective in terms of penetration, delay in detection, whether it was a penetration, or access and retrieval, or all of the preceding plus infection of the system with malware, etc. How many companies are targeted multiple times successfully versus unsuccessfully? Is the cyber intelligence community sharing information with healthcare organizations to reduce vulnerability? How many of these are red team attacks?
I pose these questions here for discussion purposes. The answers to my questions should never be posted on this network :-)
(1)
(0)
COL Mikel J. Burroughs
LTC Stephen F. Unfortunatley if you take a look at the link there are some very alarming percentages, but not hard numbers based on your questions.
(1)
(0)
LTC Stephen F.
COL Mikel J. Burroughs - if they had posted hard numbers to the answers of my questions they would be violating a few statutes and be in danger of appearing before one of the secret tribunals :-)
(1)
(0)
COL Mikel J. Burroughs
LTC Stephen F. Good copy! Obama would have given them a "get out of jail" free card! LOL!
(1)
(0)
Suspended Profile
Not at all surprising, given the modern espionage/terrorism climate today...
Read This Next
Continue with Facebook 
Continue with Google