Why Security Priorities Need to Shift to Safety Issues

Joshua Corman, co-founder, I Am The Cavalry
The healthcare sector’s cybersecurity efforts need to shift from a focus on protecting patient information confidentiality to protecting patient safety, says Joshua Corman, co-founder of I Am The Cavalry, a grassroots, not-for-profit cyber safety organization. He’s also chief security officer at software developer PTC and a fellow at the Atlantic Council.
See Also: Effective Cyber Threat Hunting Requires an Actor and Incident Centric Approach
“We make a joke in the Cavalry: I love my privacy; I’d like to be alive to enjoy it,” he says in a video interview at Information Security Media Group’s recent Healthcare Security Summit in New York.

The top security priority of most healthcare sector entities has long been protecting the privacy of patient information, Corman notes. But as ambitious new efforts, such as the national Precision Medicine Initiative, take shape, organizations also need to “focus on patient safety and the availability of critical resources,” he says.
“It’s not that privacy doesn’t matter – we’re failing miserably at it – and in a lot of ways, the toothpaste is out of the tube. But if you just design for privacy, you might encrypt things, but if you design for privacy and safety, maybe you design things differently,” he says. “The threat models are more comprehensive. So there’s significant work to do, and right now, if a hospital has to choose between protecting a patient record or protecting the patient … there’s no incentive to protect the patient, really. This is unchartered territory and we’re out of time.”
In the interview, Corman also discusses:
The serious threats to patient safety posed by ransomware and other cyberattacks on the healthcare sector;
Recent hacking simulations conducted by I Am the Cavalry involving emergency room physicians to study the potential safety impact on patients;
The cybersecurity challenges facing especially small, midsized and rural healthcare providers.
多家公司用户数据库泄露,直接从谷歌网站即可搜索,所以我们应该重视搜索引擎泄密,要积极利用搜索引擎,密切监控自身的暴露情况。
In addition to his work at I Am the Cavalry, Corman is also chief security officer at software developer PTC, a fellow at the Atlantic Council, and a member of the Department of Health and Human Services’ Cybersecurity Task Force. Corman formerly served as chief technology officer for Sonatype, director of security intelligence for Akamai and in senior research and strategy roles for The 451 Group and IBM Internet Security Systems.
云南昌宁开展“两客一危”从业人员安全警示教育培训
互联网的创新让组织受益,新的技术可能是业务成功的驱动力,我们的信息安全管理人员应该主动及时了解这些创新技术中的各类风险,趋利避害,在享受新技术带来的回报时,部署和实施必要的风险控制措施降低可能带来的损失。

猜您喜欢

建立企业安全文化的关键
网络安全宣传之电信诈骗防范
网络安全法网络宣传片 002 国家网络安全的现状与重要性概述
清华硕士为上非诚苦等5年却放弃牵手自己走
SAMOBRANOCHKA-L EZCASHSPOT
地理位置信息泄露