Security by Obscurity

 

During the budgeting cycle, departments may ask for increases in their respective budget, padding it or to accommodate capital purchases. When the senior management does not recognize the importance of security, the thought may float through their mind of what if we do nothing? After all, nothing has happened.

Well, nothing has happened…yet. The healthcare industry is targeted for many reasons and there are many options as to the individual targets, methods of attack, and other facets. A breach in this environment is horrific operationally with systems shut down for days or weeks, ERs shut down, patient data exfiltrated, etc. There is also the potential for patient mortality being directly attributable to the breach. Financially this can be a nightmare as the healthcare provider has to quickly address the issues and contract with a forensic firm to review the breach, what was accessed, and everything else with the issue. This is not cheap.

By ignoring cybersecurity and thinking you can get through the next cycle without adequately addressing this, the healthcare provider is doing everything they can to set themselves up for failure on the business, functional, and patient care side.

Services 

Enterprise and Embedded System Cybersecurity Engineering & Architecture

Red Team Pentesting   |   HW & SW BoMs  |   CBoM  | 

Vulnerability Management   |   Tabletop Exercises (TTX)   | 

Embedded Systems Architecture   |   Threat Intelligence   | 

TARA (Threat Assessment and Remediation Analysis) 

 charles.parker@mielcybersecurity.net 810-701-5511