Top Cybersecurity Challenges Facing Healthcare ProvidersDenise Anderson of H-ISAC on Risks Posed by Vendors, Lax Practices, Global Events
With the surge in ransomware and other major hacking incidents affecting third-party suppliers, it is more critical than ever for healthcare sector entities to diligently scrutinize threats and risks involving their vendors, says Denise Anderson, president and CEO of the Health Information Sharing and Analysis Center.
"First of all, they need to have awareness of who their vendors are," she says. "Build into contracts language that ensures that the vendors or third-party suppliers are putting good best cybersecurity practices in place so that you're protected as an organization using their services," she says.
Anderson says that's especially important if the vendors have access to an organization's systems. "That's huge," she says.
She also says it's imperative for entities to understand all the various vulnerabilities and risks that a third party could present, including those involving geopolitical and other situations that could affect a supply chain.
For example, droughts in China are affecting chip production, according to Anderson, which can potentially affect all kinds of computers and other technology products that entities depend on.
In this interview with Information Security Media Group, Anderson discusses:
- The top threats facing the healthcare sector;
- Dealing with issues related to intellectual property;
- How healthcare CISOs need to respond to attacks on healthcare providers.
Anderson leads the H-ISAC and chairs the National Council of ISACs. She is also a health sector representative to the National Cybersecurity and Communications Integration Center, which is a Department of Homeland Security-led coordinated watch and warning center. Anderson serves on the board of the Global Resilience Federation and is a member of the Cyber Future Foundation. Prior to H-ISAC, she was vice president of Financial Services-ISAC.