Ransomware attacks in healthcare are often caused by inadequate security training. Weak passwords, phishing attacks, and a lack of security patching are the main culprits. Kevin Lancaster, general manager of security solutions at Kaseya, suggests that training videos should be short, engaging, and followed by a quick quiz. Active training methods, such as phishing simulations, should also be employed. Positive reinforcement, such as awards and tying cybersecurity into performance reviews, can foster a culture of security in the organization.

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted