"Pen Testing Data Highlights Gaps in Healthcare Cybersecurity"

Penetration testing is an important tool for maintaining healthcare cybersecurity and identifying potential security vulnerabilities. Although healthcare is gradually transitioning away from reliance on legacy systems, unpatched and out-of-date software continues to cause security issues, according to security firm Coalfire. Coalfire examined the results of 3,100 pen tests performed on behalf of nearly 1,600 of its clients to determine the top cybersecurity risks. In addition, the company worked with NowSecure to provide more information about mobile apps. Findings from various industries, including healthcare, were included in the report. Researchers drew further attention to the conflict between legacy systems in healthcare and more advanced platform-enabled environments. The situation is further complicated by dispersed locations and expensive-to-replace medical equipment. Coalfire's findings call on healthcare organizations to conduct real-time penetration testing and work towards continuous compliance monitoring, even within legacy systems. Legacy medical devices have long been a concern for healthcare security professionals. The FBI recently issued a warning outlining the security and patient safety risks associated with legacy medical devices, urging the healthcare industry to take action. To reduce risk, the FBI emphasized the importance of asset management, employee training, and endpoint protection. Security misconfigurations topped the list of leading application vulnerabilities across all industries. The consistency of security misconfigurations, as demonstrated in previous reports, suggests that organizations are struggling with asset inventories, cyber hygiene, and legacy systems that drive multiple vulnerabilities. This article continues to discuss key findings from Coalfire's fourth annual Securealities Penetration Risk Report.

HealthITSecurity reports "Pen Testing Data Highlights Gaps in Healthcare Cybersecurity"