CISA Tool Helps Assess Cyber Risks

Managers can further understand nature of insider threats and steps to create prevention and mitigation programs

By Dan Hounsell, Senior Editor


Healthcare organizations looking to avoid problems created by the ongoing waves of cyber attacks — especially from inside their ranks — have a new resource at their disposal.

The Cybersecurity and Infrastructure Security Agency (CISA) released an Insider Risk Mitigation Self-Assessment Tool, which aims to assist public and private sector organizations in assessing their vulnerability to an insider threat. By answering a series of questions, managers can receive feedback they can use to gauge their risk posture. The tool will also help managers further understand the nature of insider threats and take steps to create their own prevention and mitigation programs.

“While security efforts often focus on external threats, often the biggest threat can be found inside the organization,” said David Mussington, CISA executive assistant director for infrastructure security. “CISA urges all our partners, especially small and medium businesses who may have limited resources, to use this new tool to develop a plan to guard against insider threats. Taking some small steps today can make a big difference in preventing or mitigating the consequences of an insider threat in the future.”

Insider threats can pose serious risk to any organization because of the institutional knowledge and trust placed in the hands of the perpetrator. Insider threats can come from current or former employees, contractors, or others with inside knowledge, and the consequences can include compromised sensitive information, damaged organizational reputation, lost revenue, stolen intellectual property, reduced market share, and even physical harm to people.

CISA has a number of tools, training, and information on an array of threats public and private sector organizations face, including insider threats. Information on these resources can be found at CISA.gov.



October 11, 2021


Topic Area: Information Technology


Recent Posts

Disinfectant Dispensers in Healthcare Facilities Often Fail to Deliver Safe Concentrations: Study

Study of 10 hospitals finds 90 percent have at least one dispenser delivering disinfectants at incorrect concentrations.


Duke University Health System Receives $50 Million for Proton Beam Therapy Center

The donation is the largest philanthropic gift received by Duke University Health System.


UT Southwestern Experiences Data Breach Through Calendar Tool

The incident occurred in October.


Protecting Patient Data: Strategies and Tactics

As cyber threats and breaches grow, healthcare organizations and facilities need a better approach to cybersecurity.


Duke Health to Acquire Lake Norman Regional Medical Center

The closing is projected for the first quarter of 2025.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.