TCS Cybersecurity for Healthcare

Securing and Protecting Patient Data

©2013, TeleCommunication Systems, Inc. (TCS). Proprietary Level 2


DESCRIPTION

Nearly one in five healthcare CIOs have had a security breach within the past 12 months. Learn how TCS can help you keep sensitive patient data secure and protected.


Page 1: Tcs cybersecurity for healthcare

TCS Cybersecurity for Healthcare

Securing and Protecting Patient Data


Page 2: Tcs cybersecurity for healthcare

State of Cybersecurity and Healthcare

» Nearly one in five healthcare CIOs have had a security breach within the past 12 months - McKesson

» The number of health data breaches is growing with the push to electronic records, and increasingly thieves are targeting their attacks

» 94% of health care organizations have had at least one breach in the previous two years


Page 3: Tcs cybersecurity for healthcare

State of Cybersecurity and Healthcare

» Health data is targeted for the value it holds and the ease with which hackers can gain access to it.

» While there are still plenty of breaches occurring due to lost or stolen laptops, many instances of data loss or exposure are no accident – they are a result of malicious attacks.

94% of health care organizations have had at least one breach in the previous two years


Page 4: Tcs cybersecurity for healthcare

State of Cybersecurity and Healthcare

» Hackers often are more interested in financial information they can use in identity theft and other fraud schemes.

» Healthcare data generally goes for $50 per record on the black market and thieves increasingly will sit on stolen data for some length of time before trying to sell or access it. That, he added, means that organizations need to implement response plans that include long-term diligence and monitoring.


Page 5: Tcs cybersecurity for healthcare

State of Cybersecurity and Healthcare

» Too many organizations rely too heavily on technology to protect their data rather than focusing on how they can use the technology correctly and training employees to be better stewards of the data.

» They also need to be vigilant in training business associates, who will be subject to the same HIPAA regulations as providers starting in September 2013.


Page 6: Tcs cybersecurity for healthcare

State of Cybersecurity and Healthcare

» Of the 131 data breaches reported to the CA Attorney General's office in 2012, 55% were intentional intrusions by outsiders or by unauthorized insiders. The other 45% were mostly the result of failures to adopt or carry out appropriate security measures.

» The health care industry had the third most-reported incidents at 15%.

Breach report by California Attorney General Kamala Harris


Page 7: Tcs cybersecurity for healthcare

State of Cybersecurity and Healthcare

» Another new potential source of breaches is the statewide health information exchanges that were funded under the Health Information Technology for Economic and Clinical Health Act, because many are short on cash and might not have the means to protect their data from all targets.


Page 8: Tcs cybersecurity for healthcare

TCS Cyber Solutions

TCS is at the forefront of developing and deploying leading technologies, and on the frontlines of protecting against advanced persistent threats.

We operate in mission critical environments where success is measured in lives saved, and operational excellence is achieved by reducing downtime to minutes per year. Our cyber solutions group leverages these capabilities to provide elite cyber protection for your most critical assets.


Page 9: Tcs cybersecurity for healthcare

TCS Cyber Solutions: ESP

TCS created Enterprise Security and Protection (ESP) as an integrated, end-to-end suite of scalable security applications and services to safeguard corporate networks from risk.

Our approach is based on:

» 10 years supporting DoD

» 25 years experience supporting industry

» The 20 Critical Security Controls


Page 10: Tcs cybersecurity for healthcare

TCS Cyber Solutions: ESP


Page 11: Tcs cybersecurity for healthcare

ESP Assessment

Tailored security analysis based on corporate presence, posture and risk:

» Information Security

» Physical Security

» Network Security

» Wireless Security

» Regulatory Compliance

» User Policy

» Map of Vulnerabilities


Page 12: Tcs cybersecurity for healthcare

ESP Validation

Examines the ability of a system to endure deliberate malicious attempts to compromise security

» Open Source Evaluation

» Network Discovery

» Penetration Tests

» “White Box” Testing

Assessment: Description

Open Source: Gather all publicly available information on the customer (organization structure, subsidiaries, clients/partners, network blocks, personnel, social networking, blogs)

Network Discovery: Identify publicly available hosts (Internet Protocols [IPs]); identify available ports on identified hosts; identify application versions on ports; identify security mechanisms and locations

Penetration Testing: Identify vulnerabilities in identified applications; attempt exploitation of vulnerabilities (social engineering, targeted phishing, Structured Query Language (SQL) injection, Cross-Site Scripting (XSS)); upon successful exploitation, establish covert presence on vulnerable host


Page 13: Tcs cybersecurity for healthcare

ESP Validation

Deliverables

» Open Source Report

» Network Reconnaissance Report

» Exploitation Report

» Impact Report

» Recommendations

Deliverable: Contents

Open Source Report (Appendix A): Open source view of corporation; preliminary network map.

Network Reconnaissance Report (Appendix B): Discovered IPs, operating systems, installed applications, security devices.

Exploitation Report (Appendix C): Captured IPs; established presence in network; significant accesses acquired.

Impact Report (Appendix D): Information retrieved through access.

Final Assessment Report: All previous information as well as recommended actions to further secure network.

Page 14: Tcs cybersecurity for healthcare

ESP Training

Cyber security training suite for IT security personnel

» Offensive mindset to security training

» Hands-on, practical application focused

» Training where and when you need it

» Modular in design

Subjects include

» Security Awareness Training

» Penetration Testing

» Intrusion Detection

» Reverse Engineering

» Information Assurance

» Forensics

» Custom Client Courses

Page 15: Tcs cybersecurity for healthcare

Thank you!

Christina Wiegand

410-280-4931

[email protected]

www.telecomsys.com

275 West Street
Annapolis, MD 21401
