Threat Hunting in Healthcare: What It Is & Why It Matters

/in /by

Threat Hunting in Healthcare:  What It Is & Why It Matters 

 

  • What Is Threat Hunting?  
 
  • What do threats look like?  
     
  • Why does Threat Hunting Matter in Healthcare?  

 

 

Incident response is a vital part of a strong cybersecurity program. However, responding to cybersecurity threats and attacks is only part of the equation. Healthcare organizations need to be proactive in their security solutions, spotting threats before they lead to data loss.   

 

 This is where threat hunting comes in.  

 

 A comprehensive threat hunting program can assist in proactively safeguarding PHI and PII. Integrating threat hunting into your organization’s security posture requires threat assessment tools and expertise. Here is what your IT team should know about threat hunting and how it relates to healthcare.   

 

What Is Threat Hunting? 

Threat hunting involves proactively searching an organization’s cyber landscape for suspicious activity. Through the program, the IT team will search endpoints, databases, networks, cloud infrastructure, and file systems for signs of threats. Analysts typically use a combination of manual and automated searches to search for this activity.  

 

 This effort is a critical part of any robust cybersecurity program because it focuses on persistent threats. When a malicious actor enters a network, they may remain undetected for months or longer. The more time a cybercriminal has to execute an attack, the more sophisticated it may be.   

 

Threat hunting adds another layer to data loss prevention, taking a deep dive into networks, data sources, and endpoints to spot threats.   

 

Please click here to learn more about this. 

 

 

 

Two Key Ways Development Teams Can Increase Their Security Maturity

/in /by

Now more than ever, organizations need to enable their development teams to build and grow their security skills. Today organizations face a threat landscape where individuals, well-financed syndicates, and state actors are actively trying to exploit errors in software. Yet, according to recent global research, 67% of developers that were interviewed said they were still shipping code they knew contained vulnerabilities.

Helping your development teams progress to achieve security maturity is possible, and ultimately beneficial. It will help ensure secure software development at every stage of the software development lifecycle.

But how can you help your development teams reach security maturity?

We dug deep and leveraged insights from over 400 of our customers to identify traits and behaviors that occur when a development team increases its security maturity. Here we share two of them:

#1: A deep understanding of your gaps

Before creating any maturity program, we first need to understand the development team itself. What is its existing maturity level? What vulnerabilities do they struggle with? What are the coding languages they use? Only once you have the answers to these types of questions can an organization know what to prioritize in a development team maturity program.

Our research found that several of the organizations interviewed were able to obtain answers to these questions by hosting Secure Code Warrior tournaments. In these tournaments, developers are presented with a series of coding challenges and missions and then compete against each other to identify, locate and fix vulnerabilities. A tournament provides management with insights into what vulnerabilities developers are struggling with and, therefore, what a maturity program can focus on addressing first.

#2: Create a plan to succeed

Building development team security maturity cannot be a once-off, check-the-box approach but should be understood as a continuous cycle of improvement. Successful programs have included realistic goals for the individual developer and the entire team. Having goals keeps developers engaged in the maturity program by giving them a sense of achievement. Some organizations have found leaderboards, rewards for achievements, or offering more exciting projects for mature development teams are great incentives.

Building development team security maturity

By having a deep understanding of your team’s security maturity gaps and by creating a plan all parties support, you are well on your way to formulating a successful maturity program. The rewards are well worth the effort.

As an organization, you will:

  • Enable every developer to release secure code and fix code faster
  • Minimize risk by reducing recurring vulnerabilities
  • Ensure compliance while improving software development at speed
  • Improve productivity by significantly reducing the amount of time on rework and security tickets
  • Allow senior leaders to focus on critical strategic efforts due to greater efficiency and fewer wasted resources.

 

Source:

What is GIS?

/in /by

GIS and Healthcare…

 

There is no doubt that technology has made a significant impact in the medical world. Perhaps one of the most interesting technologies that has emerged onto the scene is one meant to more efficiently address geographical links to illnesses: Geographic Information Systems, or GIS.

 

What is GIS | Geographic Information System? GIS is an Abbreviation of Geographical Information System or Geo-spatial Information Systems or Geologic Information Systems (also Geo-spatial database management).  As the name suggests ‘GIS’ is related to geographical information. But before explaining “What is GIS?”, we should know about what Geographic information means? Geographic information is knowledge of where something is and defines the spatial reference of the element or matter present on earth’s surface.

 

 Geographic information systems are a sophisticated form of mapping software that enables users to visually display input data associated with a designated project. Displaying data visually allows users to see geographical groupings of patient demographic data in a new way. Furthermore, the program allows users to run statistical tests and answer ‘what if’ questions that can arise as a result of direct or indirect changes that take place.

 

Below are five potential benefits of integrating Geographic Information Systems with healthcare IT.

  1. Identifying Health Trends
  2. Tracking the Spread of Infectious Disease
  3. Utilizing Personal Tech
  4. Incorporating Social Media
  5. Improving Services

 

Please click here for all the details on the five potential benefits!

New FAR issued on definition of “Domestic Product”
/1 Comment/in /by

Joseph Goldberg

May 2, 2022 3:46 PM

Joseph Goldberg

I’m surprised there has been no mention of the new FAR 25-225 etc, on the definition of a “domestic product” to be used by contracting officers. The new FAR confirms the higher domestic content requirement to be a “domestic product.” Also, a) it says there will be further guidance on some things being put on a “critical items” list, we don’t know what these might be, and b) an increase in the price preference for “domestic products”, again we don’t know what this will be. With this change, the US will become more protectionist which must impact negatively our relationships with friends and allies.——————————Joseph GoldbergOffset Education LLCBridgeport CT——————————