Healthcare cybersecurity has changed significantly over the past decade. A compliance-driven, checklist-based approach used to be the standard. Now, we are moving toward more proactive measures to address high-velocity, high-impact cyberattacks.
Healthcare cybersecurity has changed significantly over the past decade. A compliance-driven, checklist-based approach used to be the standard. Now, we are moving toward more proactive measures to address high-velocity, high-impact cyberattacks.
Patient information is not like other types of information. It is very personal. That is why healthcare information must be kept both private and secure. Yet, there are many challenges. From technical misconfigurations to vulnerabilities and human mistakes, there are several reasons why healthcare cybersecurity programs face common pitfalls. The strength of a program largely depends on how well it is governed—and how well we are managing who (and what) has access to our systems, networks, devices, and physical spaces; when they have access; and why they have access.
Cybersecurity is a shared responsibility, and it is important for all stakeholders to act. Patient safety hangs in the balance. We are entrusted not only with their care but also with their information. Patient safety depends on the integrity and reliability of the patient information.
This book is intended to be a resource for a range of individuals involved in healthcare, including doctors, nurses, informaticists, cybersecurity professionals, compliance officers, vendors, contractors, and others—as well as those who are new to the field or are interested in learning more about healthcare cybersecurity.
1. Introduction to Cybersecurity,
2. Overview of the Threat Landscape,
3. Identity, Authentication, and Access Management,
4. The Evolution and
Impact of Malware,
5. Major Breaches,
6. Governance,
7. Board of Directors,
8. Social Engineering: Why, How, and What to Do,
9. Information Sharing,
10.
Artificial Intelligence,
11. Emerging Technologies and Innovation
Lee Kim JD CISSP CIPP/US is a global cybersecurity expert and a practicing attorney (AV peer review rated). Lee serves as a National Visiting Committee member of the National Cybersecurity Training and Education Center. Lee is also a founding charter member of the InfraGard Cyber Health Working Group. Previously, Lee served on the SANS Securing the Human Healthcare advisory board, (ISC)2 Government Advisory Council Executive Writers Bureau, and participated on working groups to draft the National Cybersecurity Incident Response Plan and the NIST Cybersecurity Baldrige Excellence Builder.
Significant initiatives include proposing and advocating for significant portions of the Cybersecurity Act of 2015, assisting Congressional staffers with legislative and oversight matters, and teaching before a wide variety of audiences on cybersecurity and data protection. Lee has served as a subject matter expert domestically in the United States and internationally, including in Canada, Italy, and Singapore. Lee is well versed in public policy as well as legal and regulatory frameworks both in the United States, Europe, and in the Asia-Pacific region.
Lee regularly works with CxOs, policymakers, attorneys and others regarding cybersecurity and data protection matters. Lee has a significant publication record in the United States and elsewhere spanning intellectual property, cybersecurity, and data protection matters.
Lee speaks before a wide variety of audiences, including the American Bar Association, Software Engineering Institute CERT Division, Carnegie Mellon University, Cisco, Industrial Control Systems Joint Working Group, DHS, FDA, InfraGard, HHS/OCR and NIST, PBI, Research America, Strafford, US Telcom Association, and Verizon. Lee is frequently featured or quoted by various media outlets, including the Canadian Broadcasting Corporation, Associated Press, Axios, Politico, Forbes, Wired, Huffington Post, and the Times of Israel.
Lisainfo e-raamatute kohta