Security News > 2023 > April > Healthcare organisations urged to improve system security
Volumes are increasing rapidly, and so is the complexity of the digital storage facilities: healthcare providers today house patient information on multiple data platforms such as on-premises servers, electronic health record systems and public/private cloud services.
What's more, modern healthcare environments also span sophisticated medical systems and Internet of Things devices that are interconnected with each other and, in some cases, externally to the internet.
SANS highlights the value of leveraging CIS Controls from the Center for Internet Security which provide a blueprint for cyber hygiene best practices based on current offensive tactics, techniques, and procedures.
These controls provide a cost-effective, measurable, means of technical cyber hygiene automation and can be used to inform defensive countermeasures specifically designed to block known cyber-attacks and disrupt the attacker's ROI. It's also important for cyber security pros to keep up-to-date with relevant data protection regulations and demonstrate compliance with rules on how to defend patient data and related systems.
SANS offers more information about building a healthcare security and compliance programme which can be found here.
To help infosecurity professionals the SANS Institute also offers support, a host of free resources and practical advice for stopping cyber attacks on healthcare organisations.