Privacy & Security

SANS' practical cyber hygiene steps for healthcare

Providers can take steps now to prevent attacks or breaches but must be diligent to succeed
By Jack McCarthy
November 17, 2015
07:53 AM

With every high profile breach of corporate information systems, the perception is growing that hackers have the upper hand on organizations that are increasingly vulnerable to attacks. But is that consensus actually true?

"Frankly: We don't believe that," said James Tarala, senior instructor at the SANS Institute, a non-profit specializing in information security and cybersecurity training. "There are steps you can take to stop these things from taking place, but you have to be consistent and diligent."

Tarala said a body of work has grown up in recent years in response to attacks based on comprehensive research from the likes of the National Security Agency and the Department of Homeland Security, as well from nonprofit and private security organizations to set out guidelines for proper information security roadmaps, best practices that constitute sound cyber hygiene.

Tarala will be outlining these roadmaps in two SANS workshops at the HIMSS and Healthcare IT News Privacy & Security ForumThe tracks are titled, "SANS Workshop - Implementing Healthcare Cyber-Hygiene with the Critical Security Controls." 

[Learn more: Meet the speakers at the HIMSS and Healthcare IT News Privacy and Security Forum.]

Attendees will receive information on actual attacks that could have been stopped or mitigated through implementing good cyber-hygiene practices while focusing not only on the best way to block known cyber-attacks but also best practices on mitigating the damage from attempted cyber-attacks.

Tarala said the latest security technology alone will not be able to stop hackers bent on breaching corporate perimeters.

"There are certain core principles involved in security, such as knowing what systems you are trying to defend, having inventory of those systems, knowing what software you allow to run in your organization, ensuring systems are configured properly," Tarala added.

The workshops will help people understand what it means to be involved in a cyberattack, including what causes them. Through case studies, participants can better grasp what actually happens and see what defenses can be put in place to stop these attacks.

"It's all practical," Tarala said, "so you can see how you can go back to your office and put effective security measures in place."

Register for The Privacy & Security Forum here. The Forum runs Dec 1-3 at The Westin Boston Waterfront Hotel. 

Related articles: 

5 tips for winning a bigger security cybersecurity budget 

CIO on security: 'You can't do it alone' 

Q&A: Richard Clarke's worst security nightmare

Topics: 
Privacy & Security

More regional news

Doctor charting in EHR

Telehealth, hybrid care adding to physicians' EHR workload

By
Nathan Eddy
May 02, 2024
UHG CEO Andrew Witty

UHG says it's rebuilding Change Healthcare with cloud-based security

By
Andrea Fox
May 02, 2024
Walmart store

Walmart announces closing of clinics and virtual care

By
Susan Morse
May 01, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

UHG CEO Andrew Witty
UHG says it's rebuilding Change Healthcare with cloud-based security

Most Read

WebMD acquires Healthwise to bolster patient engagement and growth
How the Change Healthcare cyberattack is straining providers, and what the government can do
HHS response to cash flow concerns from Change cyberattack inadequate, providers say
After Change Healthcare, more effort needed to avoid cyberattack chain reactions
HIMSSCast: Web apps are ubiquitous in healthcare – and come with vulnerabilities
Change Healthcare begins to restore service after cyberattack – as lawsuits begin

Research

White Papers

More Whitepapers

Compliance & Legal
Artificial Intelligence
Analytics

Webinars

More Webinars

Privacy & Security
Artificial Intelligence
Analytics

Video

Jessica Skopac at MITRE_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
How MITRE helps break the silos of healthcare and technology
Emily Barey at Epic_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Saying 'yes' to the possibilities of a health IT career
Abigail Norville at the Netherlands Ministry of Health_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
How the Dutch health ministry takes innovation inspiration from other nations
Dr. Guido Giunti at Trinity College Dublin_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Novel digital therapeutics for MS empower patients

More Stories

Ellen Arigorat at NewYork-Presbyterian Hospital Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
HIMSS Changemaker champions Filipino-American health literacy
Doctors review practice finances
LLMs are not ready to automate clinical coding, says Mount Sinai study
Gustavo Adolfo Torres Becerra at Minsait__Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Healthcare organizations need interoperability to give residents preventative care
Digital render of a DNA helix
Pharmacogenomics could improve medication safety and reduce waste
Alfredo Almerares, clinical executive manager at InterSystems
How the 'human factor' drives successful healthcare technology adoption
Health professional at desktop computer
How AI-powered systems can help physician groups improve coding – and earn more
Nurse huddle with tablet
Nurses have a deep distrust of AI – but transparency and training could help
Dr. Jonah Feldman at NYU Langone Health System_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Want to reduce readmissions? Personalize digital discharge guides