- Windows Vulnerability Potentially Exposes Healthcare Networks
Infoblox cited a Gartner estimate that by 2020, close to one-third of successful cyberatacks on enterprises will come through their shadow IT resources.
In terms of ransomware, 39.7 percent of U.S. respondents said they did not know if their organization would be willing to pay a ransom in the event of a cyberattack.
Healthcare IT Pros More Confident About Cyberattack Response
On the positive side, 92 percent of healthcare IT professionals are confident in their organization’s ability to respond to a cyberattack, compared with 82 percent in the 2017 survey.
Fifty-six percent of respondents said they have automated systems in place that scan their networks for suspicious activity, and around 31 percent have their own security operation centers.
Healthcare organizations are spending between 11 percent and 20 percent more on cybersecurity than in 2017, with the top three investments being anti-virus software (59 percent), firewalls (52 percent), and application security (51 percent).
Additionally, employee education has grown in popularity, with a 10 percent higher investment in 2019 compared to 2017. This education has focused on improving email hygiene to avoid phishing scams and the delivery of ransomware.
Healthcare IT professionals are addressing the growing adoption of the Internet of Things, and as a result the number of security policies in place for new connected devices has increased from 85 to 89 percent.
“Healthcare companies hold some of the most sensitive and valuable personal data, making them extremely vulnerable to cyberattack. Additionally, as the number of internet connected devices in this industry continues to skyrocket, cybercriminals will have a surplus of options to mine for network vulnerabilities,” said Victor Danevich, chief technology officer of systems engineering at Infoblox.
“Although healthcare IT providers are some of the most educated and concerned security buyers, they mustn’t become complacent, and must continue to think strategically about ensuring the security of their networks and — most importantly — the safety of their patients,” Danevich added.
Microsoft Ends Support for Windows Server 2008 and 2008 R2
In addition to Windows 7, Microsoft said it is ending support for its Windows Server 2008 and 2008 R2 on January 14, 2020. After that date, the company will no longer provide regulatory security updates for Windows Server 2008 and 2008 R2.
In addition, Microsoft is ending support for SQL Server 2008 and 2008 R2 on July 9 of this year.
Microsoft is offering several options for organizations running Windows Server 2008 and 2008 R2 or SQL Server 2008 and 2008 R2.
They can upgrade to current versions of the software: Windows Server 2016 or SQL Server 2017.
If they can’t upgrade to the latest versions before the support deadlines, they can rehost workloads to Microsoft’s Azure and get three years of extended security updates at no charge.
Or they can purchase the extended security updates package for three years after end of support. Eligibility for this option requires active software assurance or subscription licenses under an enterprise agreement, Microsoft explained.