Healthcare organizations are struggling to ward off cyberattacks, a challenge that is forcing companies to think more strategically about how to achieve their cybersecurity goals. This week evidenced that the struggle is indeed real when Point32Health, the parent company of two major health care plans in Massachusetts, had to notify members that their systems have been impacted by a ransomware attack. This news comes only weeks after the breach at DC Health Link, which exposed personal information of several members of Congress. Now, legislators want to hold someone accountable, which highlights not only the importance of having an incident response plan but also ensuring that business continuity and disaster recovery are elements of every IR plan.
To help address the issues the healthcare industry is facing, the Department of Health and Human Security released “guidance for addressing key cybersecurity threats as well as a digital training platform for hospitals.”
In more positive news, nearly three dozen tech companies published a Cybersecurity Tech Accord, “that promises to protect the group’s collective users and customers from cyberattacks by designing offerings that prioritize security and privacy and that are developed with an eye to reducing vulnerabilities.”
This joint effort resonates with the theme of RSA Conference 2023: Stronger Together. We hope that you plan to join us next week to learn more about protecting data & the supply chain, the latest trends in hackers & threats, and how to build the cybersecurity workforce of the future.
Now let’s take a look at what else made cybersecurity headlines this week.
Apr. 21: Harvard Business Review wrote, “ChatGPT opens up new avenues for hackers to potentially breach advanced cybersecurity software.”
Apr. 20: The Guardian reported, “The Australian-US cybersecurity company that last year revealed the extent of TikTok’s data collection says the social media company has increased what location information it collects to include altitude, which could tell it what floor of a building a user is on.”
Apr. 20: Fincantieri Marinette Marine Group experienced a cybersecurity incident that impacted email and disrupted some computer systems, according to news from Green Bay Press Gazette.
Apr. 19: “Nearly $1 million in taxpayer money is gone from Manatee County coffers this week after cybercriminals duped county officials into paying for what they thought was official business,” WFLA reported.
Apr: 19: At a government cybersecurity conference in Belfast this week, the director of Britain’s National Cyber Security Centre (NCSC) warned about China’s goal of achieving “global technological supremacy.”
Apr. 18: The group Anonymous Sudan, believed to have ties to Russia, claimed responsibility for the cyberattack that targeted Israeli websites on the last Friday of Ramadan.
Apr. 18: NBC News reported, “Russian-aligned cyber groups outside Moscow’s formal control represent a growing threat and are looking to target critical infrastructure in the West, according to Britain’s cybersecurity agency.”
Apr. 17: BBC News reported that a data breach on a Londonderry-based IT company resulted in a ransomware attack on multiple charities in Ireland and the UK.