In case you missed it, last month CardConnect’s Chief Security Officer Rush Taggart shared his thoughts with HealthData Management about the role vulnerability management can play in protecting healthcare providers from the impact of cyberattacks.
The full article is really worth reading, but since you might need to register a free account with the publication to access it, you can see our free version here. We’ve also pulled together a little synopsis for you below.
First, let’s go over exactly what vulnerability management is. It’s the practice of researching and understanding an organization’s vulnerabilities and then developing plans to mitigate them so the impacts of potential data breaches are minimized and even prevented.
In his article, Rush breaks down five important steps to consider in order to effectively practice vulnerability management.
Don’t make the mistake Equifax did last year - make sure your company is paying attention to patches that need deploying in order to fill vulnerable gaps that may be present in your systems.
Be careful about who you’re giving access to important data and make sure it’s given only to those who really need it.
Make sure you and your team know how to identify potential phishing campaigns that can take down your network with the click of one button.
Get rid of the unuseful data that’s just sitting on your system, so you can reduce the size of your target for hackers.
Monitor your network every single day so you don’t make the mistake of going weeks or even months with undetected malware wrecking your system.
As Rush points out in his article, the bottom line is that putting time and resources into vulnerability management upfront can protect you from the potentially irreversible impacts of a breach. For healthcare providers, there’s an obligation to protect patient data, and it begins with taking vulnerability management seriously.
If you’re interested, you can check out the full article from HealthData Management here.
Rush Taggart serves as Chief Security Officer of CardConnect, a payment processing and technology solutions provider. CardConnect’s payment gateway and security offerings were primarily built by Taggart during his time at Princeton Payment Solutions, acquired by CardConnect in 2012. Taggart rebuilt the existing Payware and CardSecure C++ applications into Java, adding significant user functionality as well as platform portability. In 2014, CardConnect was awarded two patents related to payment security that were a direct result of Taggart’s work. Recently, Taggart developed a retail terminal solution for CardConnect's SMB customers, providing a PCI-validated P2PE solution that is also EMV-ready.