Healthcare’s Security Posture
As part of my interview series from BlackHat I spoke with Mike Weber VP Coalfire Labs – they are a large Cybersecurity Systems provider focused on securing transactions in the cloud working with all if not most of the cloud providers. Coalfire just released their Penetration Risk Report that included a special section on Healthcare. Not surprisingly the news wasn’t good showing that healthcare had the worst “External Posture” with the least security for anything that can be seen by an attacker – external facing systems such as routers, firewalls etc.
The biggest issue was with legacy systems and many instances upgrades installed but the legacy and unsecured systems remain in use.
Listen in to the interview and hear Mike’s thoughts on Incremental Steps to combat the Security challenges faced in healthcare. As he and others have pointed out Medical records are high risk because they have such a long shelf life offering a rich vein to exploit for anyone able to steal these records.
Incremental Steps for Improving Healthcare’s Security Posture
- Upgrade Old Systems and Importantly plan retirement for old systems as part of the upgrade
- Consolidated Your audit program to Decrease Audit Fatigue
- Prioritize Your “Crown Jewel’s” of the data and Systems you are protecting
Here’s the short list:
- Personal data is the top target (highest value) – medical identity information has a smaller market
- Platform Access – and the ability to install ransomware
- Encrypt everything
You can also follow me here on medium, on twitter, or on facebook or Sign up to receive my posts each week