According to Ronald Ross—NIST fellow— the National Institute of Standards and Technology is all set to deliver new cybersecurity guidance to help hospitals avoid and withstand hostile cyber attacks.
The NIST offers a security framework that was developed for the federal government under the Federal Information Security Modernization Act to help organizations understand, select and implement security controls.
Ronald Ross explained, the latest iteration is developed because the proliferation of advanced technologies is rapidly exceeding healthcare executives’ ability to protect their organizations from cyber threats.
“Organizations are buying as much IT as fast as they can to obtain greater capabilities,” Ross said. Although, the healthcare organizations are embracing new technologies every day, there are certain things that are out of their grasp, such as operating systems or databases, for which they have to keep pace with the vendors like Microsoft and Oracle distribute.
With the new cybersecurity guidance, NIST is working to reduce the complexity of systems security engineering. The guidance will also contain best practices for building software and systems that are both secure and trustworthy.
“The best way to describe the concept is like this: When you fly on an airplane or cross a bridge, you do so because you trust the airplanes we fly and the bridges we cross, you have confidence in the people who designed and built them,” Ross said.
“We can build and deploy systems that we can trust, too, in a hospital environment, so the systems can better withstand cyber attacks, are more penetration-resistant, and limit the damage an adversary can do if an attack comes through the perimeter,” he said.
Source: Healthcare IT News.
