Archive for October, 2016

HHS funding for cybersecurity efforts

October 5th, 2016

Health and Human Services (HHS) was awarded a total of $350,000 in corporate agreements to improve further information sharing in the industry. It will also improve to tackle cybersecurity threats in both private and public health sector.  cyber-security

It is found out that many smaller healthcare organizations do not have the same facilities and methods to prevent or respond to cybersecurity attacks. HHS streamlined cyber threat information sharing will improve the situation. The process will help facilities send cyber threat data to a single entity. Stake holders affected by the attack are then informed.

“The agreements also will help build the capacity of NH-ISAC to receive cyber threat information from member healthcare entities,” HHS wrote. “Information about any system breaches and ransomware attacks will be relayed through a more robust cyber information sharing environment, as will information about steps healthcare entities should take to protect their health information technology systems.”

The National Health Information Sharing and Analysis Center (NH-ISAC) of Ormond Beach, Florida reported that they received corporate agreement for $250,000 from the National Coordinator for Health Information Technology (ONC).

Funding of $100,000 from HHS’ Office of the Assistant Secretary for Preparedness and Response (ASPR) was given to NH-ISAC.This corporate agreement will help to build the infrastructure necessary to eliminate cyber threat.

National Coordinator for Healthcare Information Technology Dr. Vindell Washington said in a statement, “Electronic health information security is essential to the evolving healthcare ecosystem. The HHS funding will assist organizations of all sizes share pertinent information to the latest healthcare cybersecurity issues.”

“Creating a more robust exchange about cybersecurity threats will help the industry prevent, detect and respond to these threats and better protect patients’ privacy and personally identifiable information.” HHS’ Assistant Secretary for Preparedness and Response Dr. Nicole Lurie said.

____________________________________________________________________________________________

Alertsec is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Insider Threat

October 3rd, 2016

According to the latest survey of 500 IT professionals, one in three respondents said that their business has experienced an insider strike in the last year. Other observation includes: survillance

  • Seventy four percent said that their business is exposed to insider threats
  • Fifty six percent said insider flows are becoming more regular
  • Seventy one percent said they are most worried about inadvertent flows resulting from the use of unsecured mobile devices, accidental outside sharing, and unsanctioned programs
  • Sixty eight percent are worried because of threat caused by neglect
  • Sixty one percent are worried because of threat caused by malicious insiders

Privileged users have emerged as the biggest security threat which represents 60 percent of businesses. Respondents said rise in the number of apparatus with access to sensitive information, inadequate data protection options, worker training, and more information leaving the network perimeter are causing more insider threat. Cloud storage programs and cooperation software are seen as the most exposed.

“Adoption of cloud and BYOD are positive developments, but organizations that have limited cross-app visibility will struggle to detect anomalous behavior and need to rethink their approach to data security,” Bitglass CEO Nat Kausik said in a statement. “The reality is that cloud apps have made data more readily accessible and insider threats more prominent — it’s up to the enterprise to put adequate data controls and policies in place to secure vital data.”

Twenty three percent said it can take them a month or more to identify an insider violation

Sixty six percent said stopping insider risks is more challenging than shielding against outside dangers

A different RedOwl study of 281 participants at Black Hat 2016 found that 47 percent of participants had experienced an insider event of some sort in the previous year.

When asked who in their business is intrigued in mitigating insider risks, answers contained- typical workers, executives, board of directors, human resources, and IT and security teams. Impact of insider events are standing legal repercussions, IP loss, financial loss, negative cultural impact, and brand damage.

____________________________________________________________________________________________

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption software.