Week 3 of the Department of Homeland Security’s National Cybersecurity Awareness Month has come and gone, bringing with it a host of quality cybersecurity tips and guidance. This is a time where individuals and businesses spread awareness of the importance of cybersecurity, ensuring that all digital citizens have the resources they need to be safer and more secure online.
The third week’s theme is “Securing Internet-Connected Devices in Healthcare.” Cyberattacks against devices used by healthcare organizations have quadrupled since March, so this is a deeply relevant theme for millions of users all across the globe. Organizations and individuals came together to provide healthcare security tips and guidance to share in this time of global uncertainty.
In this blog, we’ll share some of the best contributions to the discussion this week and provide some knowledge of our own to celebrate Cybersecurity Awareness Month.
Why it’s worth reading: The advancement of technology in healthcare and government is inherently very gradual due to widespread rules and regulations. It’s fascinating to observe the process of policy being developed off the back of real-life events. We’re standing on the cusp of a long trend of cybersecurity policy and awareness, so take a look and see how the sausage is made.
About the Author: Jessica Davis is a senior editor at HealthITSecurity, a publication that focuses on the intersection between information security and healthcare. In this article, she discusses the substantial ransomware attack that brought down the IT operations of over 400 UHS locations across the country. UHS is currently the subject of a senate probe, with legislators demanding answers and accountability for this large scale attack. While data breaches and their fallout are usually widely publicized, it’s unique to be able to observe the process for driving change in healthcare policy.
Why it’s worth listening: Experts with several decades of cybersecurity experience between them meet to discuss an extremely important topic in the current year. The rise of nation state actors in security has been on the rise for the past decade, but is still a somewhat controversial conversation piece even after countless well-documented incidents have made headlines. Frank discussion on the subject is rare, which is what makes this round table so insightful. Panelists also cover their ongoing intrusions and what "taking off the gloves" might look like. This topic is extremely relevant to the healthcare space, as COVID-motivated attacks by nation state actors have been harrying healthcare organizations for the past 6 months.
About the Panelists: Tom Field, Vice President of Editorial at Information Security Media Group, leads the discussion. Field brings up several interesting questions regarding the current state of foreign nation-state attacks on the US and other countries, as well as the implications this has on the upcoming election.
Sam Curry is the Chief Security Officer at Cybereason. Previously, he worked as a security officer at RSA, the security division of EMC, Microstrategy, Computer Associates and McAfee.
Tom Kellermann, head of cybersecurity strategy at VMware Carbon Black, is the former CEO of Strategic Cyber Ventures. Kellerman previously held a seat on the Commission on Cyber Security for the 44th President of the United States and served as an adviser to the International Cyber Security Protection Alliance. He brings a unique perspective to the table on the subject of emerging and undocumented threats.
Why it’s worth reading: While healthcare organizations brace for another spike in the amount of pandemic-related cases and patients, it can be very tempting for them to focus their attention away from issues like security risks. This article makes many salient points about the risks that cyber threats play in the current healthcare ecosystem and outlines the basic steps that can be taken to protect oneself and one’s organization.
About the Author: Mike Wolcowicz is the Vice President of Cybersecurity at British Telecom, and has had multiple decades of experience in the security industry. Using his knowledge of the space, he is able to clearly define processes for improving security protocols in language that non-technical administrators can understand. It’s important to remember that this month is about spreading awareness of the risks and dangers of cyberattacks with those who have less exposure to them. Part of doing this well is presenting topics in a way that is accessible to everyone.
Why it’s worth reading: Cybersecurity is an industry that greatly benefits from good actors sharing information and collaborating to surmount challenges posed by known and emerging threats. However, many obstacles make this a task that is easier said than done. This article explains the benefits of collaborative information sharing, as well as some of the industry roadblocks that make this difficult in a practical setting. Collaboration is a popular idea in the security space, but it’s somewhat rare to read about the practicality of putting it into action.
Dan Young is a partner and CEO at QuoLab Technologies. He has nearly 15 years of experience in the areas of digital forensics and incident response. Prior to QuoLab, Young was involved with the U.S. Department of Defense and United States Air Force in several digital forensics analyst positions. He has a unique perspective in working with the human side of cybersecurity, and is passionate about bridging the gap between separate entities in order to promote collaboration and information sharing.
As the organizers of National Cybersecurity Month, the National Cybersecurity Alliance has provided a number of text and image resources to share and distribute freely. This one is particularly relevant to this week’s theme, and contains helpful tips to keep devices and data safe this October and beyond. Topics include vendor evaluation, password strength, and software updates, three extremely important data points for healthcare institutions.
For more information on how to participate in National Cybersecurity Month, and to find more infographics like this, check out the NCSA’s website. There you will find information on how to help spread awareness of this extremely important subject.
To learn more about Verkada’s obsession with cybersecurity, check out this exploration of some of our security features and policies. Topics covered include data encryption, identity protection, and the methods by which we secure our cloud data.