The Wall Street Journal reports on Chief Information Officer cybersecurity priorities for 2023:

At Cisco Systems Inc., CIO Fletcher Previn said the company is focusing on addressing cyber threats for a remote and in-office workforce, where “we might have video games and smart thermostats on the same network segment as an employee’s remote workplace.”

That means the networking-equipment maker is adopting a zero-trust architecture, as well as practices like two-factor authentication, investing in network automation, and application scanning, Mr. Previn said.

“The threat landscape has become more challenging and our networks more porous,” Mr. Previn said. “All it takes is one slip-up or letting your guard down for a minute for an adversary to get in.”

The Journal also lists CIO favorite reads in 2022.

Health IT Security “spoke with a variety of industry leaders who shared their healthcare cybersecurity and privacy predictions for the upcoming year.”

The experts suggested that in order to maintain cybersecurity and patient privacy, organizations will have to continue to adapt and enhance existing security practices to combat ongoing cyber threats.

However, positive regulatory changes may be on the horizon, and the lasting effects of the pandemic have shown that the sector is more than willing to pivot its strategies and remain resilient amid constant challenges.

The Cybersecurity Infrastructure Security Agency added two more known exploited vulnerabilities to its catalog.

Health IT Security also reminds us

Improper disposal of protected health information (PHI) can result in HIPAA violations, Office for Civil Rights (OCR) investigations, and hefty fines. * * *

Fortunately, HHS maintains a great deal of guidance on the proper and improper ways to dispose of physical records and electronic PHI as required under the HIPAA Privacy and Security Rules.

Happy New Year!