Top 3 items to focus on in Cybersecurity? Healthcare

What would be the top 3 items to work on consistently so that cybersecurity does not have to be a worry?

(Main image above is the Cottage Health systems picture from back when they had a security issue: https://oversitesentry.com/health-records-breached-no-cyberinsurance-payout-why-stupidity/ May, 2015 post.)

That is, if one works on these top 3 items, then cybersecurity in general will be easier to handle or manage.

Here is an image of Jane and Jim, a sample example in which 2 doctors or other office personnel review what needs to be done, with some coffee, throughout the day.

Let’s review some items in cybersecurity:

Protecting sensitive data, ransomware attacks, phishing and social engineering, legacy system updates, regulatory compliance (HIPAA and PCI), 3rd party vulnerabilities, insider threats, and IoT and medical device security vulnerabilities. Evolving threats are always going to be a whirlwind of potential threats and risks in the office and lab environment (and in various hospital areas).

A standards-based equipment list is easier to manage, but some legacy devices could cause problems.

Out of the above 8 items, what are the top 3 items to focus on that would make everything easier?

Phishing and social engineering is a must-train item, since most attacks start here.

Protecting sensitive data, if done right, could handle several of the topics (ransomware, insider threats, 3rd party vulnerabilities, and regulations or compliance).

And the last one? I will call it “Update and manage”: a combination of legacy devices, IoT, and medical devices.

Contact me to work on the security policy