The U.S. healthcare sector needs to closely watch government regulatory and legislative developments involving artificial intelligence, including the European Union AI Act, said Lee Kim, senior principal of cybersecurity and privacy at the Healthcare Information and Management Systems Society.
Federal regulators have informed UnitedHealth Group that they have launched a full-fledged investigation into a potential massive compromise of protected health information stemming from the Change Healthcare cyberattack. A potential PHI breach could affect tens of millions of individuals.
Experts told ISMG a final version of the Cybersecurity and Infrastructure Security Agency's self-attestation form for federal software providers takes bold steps to ensure new technologies are made with "secure by design" principles but lacks critical components that should come in future versions.
The vast healthcare ecosystem disruption caused by the recent attack on Change Healthcare, which affected more than 100 of the company's IT products and services, underscores the concentrated cyber risk when a major vendor suffers a serious cyber incident, said Keith Fricke, partner at tw-Security.
First-party fraud hits banks from many different places - credit card fraud claims, bust-out schemes, lending fraud and synthetic identity fraud. The diversity of scams poses major challenges in spotting fraudulent activity, said Frank McKenna, chief strategist and co-founder of Point Predictive.
The healthcare sector needs a 911-style cyber civil defense system that can help all segments of the industry, including under-resourced groups, to more rapidly and effectively respond to cyberattacks and related incidents, said Erik Decker, CISO of Intermountain Health and a federal cyber adviser.
The Department of Health and Human Services is working on grant programs and other financial programs to help under-resourced healthcare organizations deal with the cybersecurity challenges they're facing, said La Monte Yarborough, CISO and acting deputy CIO at HHS.
The Biden administration doesn't propose huge leaps in cybersecurity funding in an annual spending blueprint unveiled Monday afternoon. U.S. federal civilian cybersecurity spending would amount to $13 billion, while the military would spend $14.5 billion.
First-party fraud is largely invisible. It requires financial institutions to overhaul their traditional fraud detection approaches. Unlike more commonly recognized forms of fraud, first-party fraud involves account holders acting deceitfully, which makes detection and prevention more complex.
The Change Healthcare attack is already providing valuable lessons to healthcare firms - mostly about the importance of resilience, especially when it comes the industry's supply chain and third parties, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency.
UnitedHealth Group expects some key IT systems and services affected by the recent cyberattack on its Change Healthcare unit to regain functionality over the next week to 10 days. Certain pharmacy services are already restored. But the American Medical Association is not impressed.
In the latest weekly update, ISMG editors discussed the cyberattack that's sending shock waves through the U.S. healthcare sector, Palo Alto's strategic pivot and its far-reaching implications for the industry, and new developments in tech and journalism at Information Security Media Group.
The National Security Telecommunications Advisory Committee is recommending the administration work to establish financial incentives, such as tax deductions and federal grants, for critical infrastructure owners and operators that implement enhanced cybersecurity standards.
The U.S. Cybersecurity and Infrastructure Security Agency hopes to expand voluntary information sharing between the federal government and open-source software operators with a series of actions the agency announced following a two-day open-source security summit held at its Virginia headquarters.
The Office of the National Cyber Director says a second iteration of the implementation plan for the national cybersecurity strategy is on its way, just as experts tell ISMG under-resourced federal agencies and critical infrastructure entities are struggling to achieve the strategy's framework.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.