Intelligent CXO Issue 19 - Page 38

Maintaining healthcare service continuity involves better assessment and management of cybersecurity risks associated with third-party vendors across healthcare supply chains . To that end , Singapore ’ s Ministry of Health outlined several best practices that allow organisations to overcome challenges related to cybersecurity risk by using third-party IT assets .
In its Healthcare Cybersecurity Essentials report , some of the measures include :
1 . Creating an inventory of all IT assets including those provided by third-party vendors , so that healthcare providers will know where they can prioritise their cybersecurity .
2 . Understanding how the assets work including how data is collected and processed , the safeguards that are in place and contractual agreements in the event of a breach . Users of third-party IT services should also know about what services and security practices the vendor can provide as well as train staff on how to properly use new software so that they do not expose the system to cyber-risks .
3 . Checking up on vulnerability reports and alerts . Healthcare providers should be aware of new cyberthreats that can affect their third-party software , devices or assets since these assets can expose systems to various cyberthreats , such as compromising database integrity , allowing unauthorised access and data breaches .
4 . Work with third-party vendors on implementing cybersecurity measures . Healthcare providers should also work with third-party vendors in installing new security programmes , such as installing and configuring firewalls , implementing security controls to restrict unauthorised traffic and using security patches from third-party security providers .
In addition , Singapore plans to expand the Cybersecurity Act to improve awareness of threats in cyberspace , protect virtual assets that support essential services , and include Non-
38 www . intelligentcxo . com