Healthcare is one of them most heavily targeted when it comes to cyberattacks. The only other industry that is targeted as much more than healthcare is typically financial institutions and government agencies (no surprise there). One of the main ways that healthcare companies are targeted is through the interconnected devices that exist in the building. If you think of a hospital room, you can imagine all of the different devices used to monitor the patient, collect information on them, administer drugs and so on.

On average a security breach globally cost about $3.68 million dollars, 6.75 million in Canada and in the united states that cost is $8.64 million. It’s common knowledge that a cyberattack does damage to a company, but it’s not so obvious how a cyberattack may affect a company’s underlying value. Obviously there’s a labour cost to all the employees that will work to fix it but there are many other ways that a cyberattack costs a company money that may not be apparent.

An often overlooked aspect of securing your business is how you deal with third party vendors. As part of your business you may need to share information, software or access to your computer network with other businesses and this creates a potential security risk. Any information that you share with a third party vendor is still your responsibility. If they have a data breach, you have a data breach and you will be responsible for notifying your customers and regulators, the same as if your company was the one that was hacked. Also, hackers can use the connections between different companies as a means to pivot from one company to another.

For penetration testing there are several tools/software that is used within the industry. You could go and download each of these software programs individually, but this isn’t usually how it’s done. The more efficient and industry standard way is to use a pre-made distribution which comes installed with all the penetration testing tools you would need to do your job. Two of the most popular distributions for penetration testers are known as Kali Linux and Parrot OS.

Infosec, stands for information security and this is the process of protecting a company’s information assets from all types of risk. While cybersecurity focuses solely on protecting information assets from cyber attacks, information security is a superset of cybersecurity that includes physically securing information assets.

A patch is a set of changes for computer software that is meant to update, fix or otherwise improve the program. Most patches add new features, fix bugs or optimize software in some way, but many patches are for security purposes. When developers are made aware of a security issue for their software they create a fix for that issue and distribute it to the users using a new patch.