Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security in HealthIT Mark Longworth Independent Security Consultant

Published bySybil Berenice Harrington Modified over 8 years ago

Similar presentations

Presentation on theme: "Cyber Security in HealthIT Mark Longworth Independent Security Consultant"— Presentation transcript:

1 Cyber Security in HealthIT Mark Longworth Independent Security Consultant mlongwth@gmail.com

2 Who Am I? CIA Telecommunications Engineer Invented NetWitness: Network Forensics Analysis Tool (Spyware) Worked with the Intelligence Community to develop Forensics (spyware) and Counter-forensics (counterintelligence) solutions Challenged to investigate Health IT Security

3 SECURITY

4 Where are we now? Human Error Spy v. Spy  Criminal: Health IT Anthem (78m), Premera (11m), UCLA (4.5m), CareFirst (1.1m) In 2015: 43 reported hacker incidents, 110m breached records[1] Hacking, Theft/Loss (Laptop) PHI is worth money… you all have it [1] https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

5 But Wait… It’s Worse FDA / HHS warning on Medical Devices FDA Warning (Hospira’s LifeCare PCA3 and PCA5 Infusion Pump Systems) FDA / HHS warning on Medical Mobile Application Security errors can cost you: Money: Hard Losses, Reputation Losses, Remediation Losses, Penalties Life: Medical Devices hacked could lead to death or serious injury

6 Oh Yeah, and Also… EMR systems still being adopted ICD-10 Conversions Interoperability Communications systems lag other industries (Ponemon) Patient Capture systems: ZocDoc, etc. BYOD Cloud …

7 What People are Saying To Do Perform a Risk Assessment Follow good cybersecurity hygiene Don’t use default passwords Isolate things in your network

8 What can you do? SECURITY

9 What Can you REALLY Do? Risk Management Framework from NIST / NIST 800-66 Get Organized Get Structured Prioritize Advance Maturity HIMS Risk Assessment Toolkit Other tool kits

10 Questions? Mark Longworth Independent Security Consultant mlongwth@gmail.com

Download ppt "Cyber Security in HealthIT Mark Longworth Independent Security Consultant"

Similar presentations

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Travelers CyberRisk for Insurance Companies

Travelers CyberRisk for Insurance Companies
November, 2012 What’s The Rush? Learn Why Now is the Time to Become HIPAA Compliant.

November, 2012 What’s The Rush? Learn Why Now is the Time to Become HIPAA Compliant.
DATA BREACHES IN HEALTHCARE BY CHUCK EASTTOM

DATA BREACHES IN HEALTHCARE BY CHUCK EASTTOM
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Working Jointly to Tackle e-Crime Paul Wright Hi-Tech Crime Team City of London Police.

Working Jointly to Tackle e-Crime Paul Wright Hi-Tech Crime Team City of London Police.
OPM Cybersecurity Competencies by Occupation (Technical Competencies) 2210085508540391 Information Technology Management Series Electronics Engineering.

OPM Cybersecurity Competencies by Occupation (Technical Competencies) Information Technology Management Series Electronics Engineering.
IBM Security A New Era of Security for a New Era of Computing Pelin Konakcı IBM Security Software Sales Leader.

IBM Security A New Era of Security for a New Era of Computing Pelin Konakcı IBM Security Software Sales Leader.
Formulating a Security Policy for the Modern IT Landscape.

Formulating a Security Policy for the Modern IT Landscape.
HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)

HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)
HEALTHCARE BREACHES Andrew Kuebler MIS 534 April 15, 2015.

HEALTHCARE BREACHES Andrew Kuebler MIS 534 April 15, 2015.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.
Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan.

Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan.
Brett Miller, Medical School Chief IT Security Officer IRBMED Seminar Series April 28, 2015 Data Security.

Brett Miller, Medical School Chief IT Security Officer IRBMED Seminar Series April 28, 2015 Data Security.
1 © 2015. All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Data Breach Prevention and Response: Front-End Detection and Back-End.

1 © All Rights Reserved. William Gallagher Associates Insurance Brokers, Inc. Data Breach Prevention and Response: Front-End Detection and Back-End.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
ISMS for Mobile Devices Page 1 ISO/IEC 27001 Information Security Management System (ISMS) for Mobile Devices Why apply ISMS to Mobile Devices? Overview.

ISMS for Mobile Devices Page 1 ISO/IEC Information Security Management System (ISMS) for Mobile Devices Why apply ISMS to Mobile Devices? Overview.
Business Continuity from an Insurance Perspective Presented by Jim Carter Manager, Risk & Insurance.

Business Continuity from an Insurance Perspective Presented by Jim Carter Manager, Risk & Insurance.
AUGUST 25, 2015 Cyber Insurance:

AUGUST 25, 2015 Cyber Insurance:

Similar presentations

Ads by Google