Matthew Delman

As more internet of medical things (IoMT) and connected equipment get installed in HDOs throughout Australia, patient care improves and infrastructure becomes more modernised. Unfortunately, security has been an afterthought at best in the rush to add more IoMT devices and more network-accessible medical equipment.
As a result, HDOs are under threat from cyber criminals, and have minimal defences. This state of affairs has created an environment where Australian HDOs are the most targeted ind...

Walk into any hospital in America and you can expect to see, more or less the same thing. Attentive staff, a doctor present, and triage capabilities for anything that might walk through those revolving doors.
One part of that confidence comes from the accreditation organizations that these Healthcare Delivery Organizations (HDOs) use to prove their capabilities. Accreditation organizations approved by the Centers for Medicare and Medicaid Services (CMS) in the United States have long mandated...

More than 51.9 million patient records were exposed in over 700 data breaches in 2022, according to Health and Human Services data. The imperative of protecting patient data is already here and getting more critical for health delivery organizations (HDOs) with each passing year.

Accreditation organizations such as The Joint Commission (TJC) have a role to play in this imperative as well. They enforce the security recommendations of standards-setting organizations like the Centers for Medicai...

As the healthcare ecosystem becomes more interconnected, managing third-party risk increases in importance for security and technology leaders. Smaller suppliers are a particular risk for health delivery organizations (HDOs). These small and midsize businesses often lack the budget and staff resources to implement robust security programs.

As a result, these smaller suppliers to HDOs bring a higher risk that their security will be breached, which can spread to their customers. This is an espe...

Network firewalls are powerful tools to defend health delivery organizations (HDOs) against unauthorized traffic. They block traffic based on many different criteria, including source and destination IP addresses, particular ports, and protocols depending on organizational priorities.

Setting up network firewalls requires a deep understanding of how network protocols operate, how communication patterns function, and potential threats. This complexity often leads to operational challenges like...

Hospitals are the number one target of cybercriminals. This isn’t exactly a newsworthy statement, or even particularly controversial. There was a 94% increase in attacks against hospitals from 2021 to 2022, with no sign of stopping in 2023. The reason hospitals experience this is twofold: low spending on security and a low tolerance for downtime.

What can hospitals do to improve their security in the face of this trend? One thing is to have healthcare technology management (HTM) teams work cl...

Understanding the different types of software licensing can be complex. Proprietary softwatre licenses and open source software licenses are relatively easy. But there’s a third category: source available licenses. These are possibly the most confusing license category. Source available software falls in between commercial and open source licenses. They’re not exactly proprietary and not exactly fully open.
Where it becomes most confusing is that source available licenses look a lot like open...

As the use of the cloud has expanded, an organization’s attack surface, the sum of all potential digital doorways into the organization, has seen a corresponding increase. The average enterprise now uses over 1,400 distinct cloud services – a number that has tripled over the past five years. Cloud-first strategies have invaluable benefits to an organization, but they also increase the complexity of their digital environment and lead to more exposures in more places than ever before.
According...

Corporate data outside the network has always posed a security risk, but with more people working from anywhere, the issue has taken on increased urgency.
Enter remote employee monitoring. The practice of monitoring remote employees has made extensive news in recent years, especially since the first COVID-19 pandemic lockdowns. There is an overall negative perception of the idea, with critics claiming invasion of privacy as the main issue around monitoring remote workers.
Despite the bad rap ...

Open source software is a major component of modern development. Using open source code empowers dev teams to accelerate their…
Open source software is a major component of modern development. Using open source code empowers dev teams to accelerate their delivery timelines and ship finished products more efficiently. In a highly competitive business world, companies need all the advantages they can get. Using open source code allows product-focused organizations to achieve their goals around ...

Logs are everywhere. Which is good because they’re a critical piece of operations work in computing, whether you work in DevOps, security operations, or IT operations. Analyzing logs helps with many different aspects of the technical support of devices, users, applications, and more. They can determine where authentication is happening, how applications work, whether a system crashed because of malicious actions or some other malfunction.
To understand the value in an event log, first let’s t...

Ransomware has long been among the most significant threats to the modern enterprise. First with encrypting data and extorting a fee for the key – where the term “ransomware” comes from – to now double and triple extortions becoming increasingly common. These changes have driven the rise in ransom demands to an average of over $800,000 according to Sophos data and contributed to the more than 1,100 attacks that LookingGlass tracked in the first half of 2022.
Most concerning in this current en...