"CSA Provides Best Practices For Healthcare Supply Chain Cybersecurity"

The Cloud Security Alliance (CSA) has issued recommendations to assist organizations in effectively addressing healthcare supply chain cybersecurity. Healthcare organizations are responsible for monitoring every step of the supply chain, from software components to medical devices, medications, and food suppliers. The 2020 SolarWinds cyberattack heightened public awareness of supply chain security. According to a recent survey commissioned by Trellix and conducted by Vanson Bourne, more than 80 percent of healthcare organizations had established some level of software supply chain risk management policies. However, just 26 percent said they had fully implemented the policies and procedures. Over 90 percent of healthcare respondents said it was difficult to measure and apply software supply chain risk management policies. James Angle, the co-chair of the Health Information Management Working Group, explained that healthcare delivery organizations are spending billions of dollars on thousands of suppliers each year, but studies have shown that current techniques for assessing and managing risks posed by vendors are failing. CSA emphasized that the healthcare supply chain has become more reliant on cloud computing for order processing, transportation, inventory management, and other tasks. CSA believes managing supply chain cyber risks is critical to enterprise resilience because of the supply chain's interconnected structure. CSA encourages healthcare organizations to inventory all vendors, create a schedule for reevaluating suppliers, and require suppliers to maintain security standards. This article continues to discuss CSA's guidance on healthcare supply chain cybersecurity risk management. 

HealthITSecurity reports "CSA Provides Best Practices For Healthcare Supply Chain Cybersecurity"