The US Department of Health and Human Services is considering new requirements
In response to this growing threat, the U.S. Department of Health and Human Services (HHS) has introduced new measures designed to protect the sector from cyberattacks.
These measures include:
3.より大きな執行と説明責任をサポートするために、HHS全体の戦略を実装します。 HIPAA違反に対する潜在的な財政的罰則の増加を含む。
The aim is to prevent violations by better equipping hospitals with cybersecurity education and resources and strengthening HHS enforcement agencies.
Medical institutions don't know what they don't know
Even if patches and updates are made via USB, these OT systems may not be safe yet. Honeywell's research found that OT assets face serious and escalating risks from malware permeating through USB media (V). Another risk is that many cyberattacks target third-party OT systems where providers may be entitled to perform maintenance and upgrades.これにより、さらに別の脅威への扉が開かれます。
Three steps healthcare organizations should take right now
There is pressure for hospitals to strengthen their systems against cyber threats and implement all necessary defence measures. Here are the top three steps you should take to get started.
1. Create an incident response plan.これは、病院がダウンタイムに襲われた場合、または人工呼吸器やHVACシステムなどの重要な機器がサイバー攻撃で標的にされている場合、迅速に回復するために不可欠です。 Without a plan, hospitals cannot return and run quickly and efficiently, and they cannot ensure patients and staff are safe.
2.完全な資産在庫に注意してください。現実には、ほとんどのOTシステムにはIP接続がありますが、独自のシステムを監視するのと同じくらい密接にサイバー脅威のこれらの接続を監視することはありません。病院は、ITシステムとOTシステムの両方で環境で何を走っているかを正確に知っているため、すべてのシステムと直面しているすべての脅威と脆弱性をよりよく視認性があることが不可欠です。
3. I have a trusted partner. Before you can access the system by third-party vendors, hospitals need to understand the details of what the vendor is doing. Do they know what type of computer their vendor is using?操業を安全かつ安全に保つために、適切なチェックとバランスがありますか?病院は、継続的な透明性と説明責任のために、パートナーとの明確なコミュニケーションチャネルを確立する必要があります。
Talk to one of today's experts to learn how Honeywell can help improve cybersecurity in your healthcare organization.
