Cyber Markets Round-up: Week 20, May '23: A multi-sectoral approach towards cybersecurity
Cyber Markets Roundup | Weekly cybersecurity investment highlights
*Stock data as of the market close, cryptocurrency data as of 4:00 AM ET.
WHAT’S NEW
NextGen Healthcare Data Breach: One Million Patient Records Affected
Electronic health record software provider NextGen Healthcare has confirmed that hackers breached its systems and stole the personal data of more than one million patients.
According to a data breach notification from the Office of the Maine Attorney General, a total of 1,049,375 patients were affected by the attack.
The NextGen Healthcare data breach comes weeks after the US Food and Drug Administration (FDA) published new guidelines to strengthen the cybersecurity levels of internet-connected products used by hospitals and healthcare providers. [InfoSecurity Magazine]
Several Old Linux Vulnerabilities Exploited in Attacks
The US Cybersecurity and Infrastructure Security Agency (CISA) has added several Linux and Linux-related flaws to its known exploited vulnerabilities (KEV) catalog.
One aspect all the vulnerabilities appear to have in common is their connection to Linux, which indicates that they might have been leveraged in attacks on Linux systems. NIST’s advisories for each security hole include references to advisories posted by various Linux distributions to describe the impact of these flaws and the availability of patches. [Security Week]
Senators Introduce Rural Hospital Cybersecurity Enhancement Act
US Senators Josh Hawley (R-MO) and Gary Peters (D-MI) have introduced the Rural Hospital Cybersecurity Enhancement Act, aimed at addressing critical cybersecurity gaps at rural healthcare facilities.
The act would require the CISA director to create instructional materials to help rural hospitals train staff on key cybersecurity measures. What’s more, the Secretary of Homeland Security would be required to report annually to HSGAC and the House Committee on Homeland Security regarding updates to the strategy. [The US Congress]
Transportation Needs to Improve Cyber Policy Implementation, Watchdog Finds
The Department of Transportation needs to improve how it implements its cybersecurity policies, despite some progress in such policies, according to a Government Accountability Office report.
GAO recommended that the Secretary of Transportation should direct the agency’s CIO to: take advantage of its IT program reviews to address recommendations that have not been implemented; work with human resources to create and implement a policy mandating Operating Administration senior IT managers’ performance plans include cybersecurity-related performance expectations; and take part in the reviews of OA CIOs and their equivalents. [NextGov]
If you enjoyed this edition of the Cyber Markets Roundup, we are inviting you to connect with us on LinkedIn for FREE and let us build a community of like-minded individuals who are interested in cybersecurity, stocks, and financial markets.