The National Institute of Standards and Technology (NIST) developed a framework for improving critical infrastructure cybersecurity known as the NIST Cybersecurity Framework. It is a model used by organizations to assess and improve their capability to prevent, detect, and respond to cyber threats and incidents [1]. The framework is designed for businesses and IT professionals to accurately identify, adequately protect and detect, and efficiently and effectively respond and recover from cyber threats and incidents.
In the early 1990’s, it became clear that the health care industry needed to become more efficient with medical records and patient information. Managing filing systems in healthcare practices became full time jobs for individuals, progressing to dedicated teams of employees whose sole responsibility was to manage patient information on paper. Computerizing medical records was the next logical evolution of managing medical records, but there needed to be a set of standards that governed how healthcare data should be managed.
A supply chain attack is a cyberattack that targets less secure elements of an organization, be it their third-party API integrations, remote manufacturing facilities, and specifically, weak networks and systems. The term “supply chain” often elicits thoughts of manufacturing processes and logistics, or the process of getting goods such as groceries from the farmer’s fields to the shelves of a grocery store. In cybersecurity, the supply chain refers to all of the above and more, including hardware and software that ends up in the hands of consumers, businesses, and governments.