1. Forum
  2. FIDO
  3. POLITICS

  • US government wants to to

    From Mike Powell@1:2320/105 to All on Tue Dec 31 10:41:00 2024
    US government wants to toughen up cybersecurity rules for healthcare organizations

    Date:
    Mon, 30 Dec 2024 17:23:00 +0000

    Description:
    A new set of US government requirements aims to tighten cybersecurity after multiple recent attacks.

    FULL STORY

    A new set of requirements have been proposed by the US Department of Health
    and Human Services (HHS) for healthcare firms in the country to ensure the personally identifiable information of patients and company data is
    adequately protected. The proposal includes routine vulnerability and breach scans, data encryption, and multi-factor authentication.

    The new requirements would also make it mandatory to use anti-malware protection for systems which handle sensitive information, as well as network segmentation, implementing separate controls for data backup and recovery,
    and yearly audits to check for compliance.

    Healthcare organizations have been increasingly targeted by threat actors due to the amount of sensitive data they hold and the crucial service they
    provide - meaning the organizations are often forced to pay large ransoms for their systems and information in order to continue operating.

    The cost of updated standards

    Implementing these requirements will cost an estimated $9 billion in the
    first year, and $6 billion in the following two years, according to Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger.

    Despite the cost, Neuberger points out that these requirements add necessary protections given that the number of large scale security breaches and ransomware affecting healthcare organizations has skyrocketed by 102% since 2019.

    Healthcare data is being repeatedly sold across the dark web, with an attack
    on UnitedHealth Group leading to over 100 million US customers exposed -
    which was disruptive to both patients and staff.

    "In this job, one of the most concerning and really troubling things we deal with is hacking of hospitals, hacking of healthcare data," said Neuberger.

    Hospitals have been forced to operate manually and Americans' sensitive healthcare data, mental health information and other information are "being leaked on the dark web with the opportunity to blackmail individuals."

    Via Reuters

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/us-government-wants-to-toughen-up-cyber security-rules-for-healthcare-organizations

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)