New HIPAA Cybersecurity Rules Pull No Punches
Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it.
Critical infrastructure depends on interconnected operational systems, where cyber incidents can disrupt essential services, safety, and availability.
Search across headline titles and summaries.
Background for this topic.
Critical infrastructure includes systems and assets vital for public health, safety, and economic stability, such as power grids, water treatment, transportation networks, and healthcare facilities. These systems often combine physical components with industrial control systems (ICS) and operational technology (OT) that manage essential services in real time.
From an information-security perspective, critical infrastructure faces risks like unauthorized access to control systems, disruption of service availability, and manipulation of sensor data. Defending these assets requires specialized security measures tailored to ICS environments, including network segmentation, strict access controls, and continuous monitoring for anomalies. Ensuring resilience also involves coordinated efforts between operators and government agencies to address vulnerabilities unique to legacy systems and proprietary protocols.
Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it.
Integrity Technology Group was found complicit with Flax Typhoon as part of a broader Chinese strategy to infiltrate the IT systems of US critical infrastructure.
French tech giant Atos, which secures communications for the country's military and secret services, has denied claims made by the Space Bears ransomware gang that they compromised one of its databases. [...]
The changes to the healthcare privacy regulation with technical controls such as network segmentation, multi-factor authentication, and encryption. The changes would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities.
Experts: New Mandates Could Be Difficult, Costly for Many EntitiesThe U.S. Department of Health and Human Services' proposed overhaul of the 20-plus-year-old HIPAA Security Rule aims to drastically improve the state of healthcare sector cybersecurity, but the potential new requirements could mean difficult and expensive heavy lifting for many regulated entities.
Hackers Reportedly Target Treasury Department Offices Overseeing Economic SanctionsA Chinese hack of the U.S. Department of Treasury targeted offices tasked with overseeing economic sanctions and financial investigations, as experts warn Beijing is increasingly escalating attacks on American critical infrastructure while preparing for potential future conflict.
The US government has set out proposals to increase security obligations on healthcare providers to protect patient data amid surging cyber-attacks in the sector
German prosecutors have charged three Russian-German nationals for acting as secret service agents for Russia
The first 100 days of the next Trump administration and new Congress will be critical in showing signs of what's potentially in store for the healthcare sector cybersecurity, privacy and related regulatory and legislative issues in the new year, said Chelsea Arnone and Cassie Ballard of CHIME.
As healthcare entities embrace generative AI tools, it's critical they take a holistic approach addressing privacy and security governance, said Dave Perry, digital workspace operations manager, St. Joseph's Healthcare in Ontario, who discusses how his organization is tackling those challenges.
From targeted espionage to pre-positioning - not that they are mutually exclusive The Chinese government's intrusions into America's telecommunications and other critical infrastructure networks this year appears to signal a shift from cyberspying as usual to prepping for destructive attacks.…
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients' health data following a surge in massive healthcare data leaks. [...]
The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks