Attackers shift sights from retail to healthcare in 2015

Caleb Barlow, Vice President at IBM Security | Feb. 5, 2016
In 2015, there was a tremendous uptick in the theft of health care data, while the number of compromised retail records decreased. Caleb Barlow of IBM Security explains why this is so.

What Can Health Care Organisations Do to Safeguard Health Care Information?
There are many ways organizations within the health care industry can protect their valuable information. It starts by having security teams:

  • Think like an attacker and conduct regular penetration tests to identify weaknesses within the organization.
  • Identify where the crown jewels reside within the organisation.
  • Encrypt passwords, especially those for privileged users.
  • Encrypt patient information, even at rest and within the electronic system.
  • Scan and test applications before deploying them within the organization, ensuring they are secure and that proper coding practices were followed.
  • Segregate patient data from other data.
  • Follow the principle of least privilege, allowing data access only to users who require it to do their jobs.
  • Implement a defense-in-depth strategy with multiple layers of security.
  • Have a dedicated information security professional with the power to make risk-benefit decisions that improve the overall security posture of the organization.
  • Conduct a security framework and risk assessment and then develop an incident response plan.

 

 

 
