Designing a HIPAA-Compliant Security Operations Center: A Guide to Detecting and Responding to Healthcare Breaches and Events

Thompson, Eric C.

  • Publisher: Apress
  • Publication date: 2020-02-26
  • List price: $1,490
  • VIP price: $1,416 (95% of list price)
  • Language: English
  • Pages: 231
  • Binding: Quality Paper - also called trade paper
  • ISBN: 1484256077
  • ISBN-13: 9781484256077
  • Related categories: Information Security

Product Description

Develop a comprehensive plan for building a HIPAA-compliant security operations center, designed to detect and respond to an increasing number of healthcare data breaches and events. Using risk analysis, assessment, and management data combined with knowledge of cybersecurity program maturity, this book gives you the tools you need to operationalize threat intelligence, vulnerability management, security monitoring, and incident response processes to effectively meet the challenges presented by healthcare's current threats.

Healthcare entities are bombarded with data. Threat intelligence feeds, news updates, and messages come rapidly and in many forms such as email, podcasts, and more. New vulnerabilities are found every day in applications, operating systems, and databases while older vulnerabilities remain exploitable. Add in the number of dashboards, alerts, and data points each information security tool provides and security teams find themselves swimming in oceans of data and unsure where to focus their energy. There is an urgent need to have a cohesive plan in place to cut through the noise and face these threats.

Cybersecurity operations do not require expensive tools or large capital investments. There are ways to capture the necessary data. Teams protecting data and supporting HIPAA compliance can do this. All that's required is a plan--which author Eric Thompson provides in this book.

What You Will Learn

  • Know what threat intelligence is and how you can make it useful
  • Understand how effective vulnerability management extends beyond the risk scores provided by vendors
  • Develop continuous monitoring on a budget
  • Ensure that incident response is appropriate
  • Help healthcare organizations comply with HIPAA

Who This Book Is For

Cybersecurity, privacy, and compliance professionals working for organizations responsible for creating, maintaining, storing, and protecting patient information.

About the Author

Eric C. Thompson is the author of two previous Apress books: Building a HIPAA Compliant Cybersecurity Program and Cybersecurity Incident Response. He is certified by GIAC in intrusion analysis, incident handling, network forensics, and detection. He is currently Director of Information Security and IT Compliance at Blue Health Intelligence, a company focused on data analytics in the healthcare payer space. He has implemented and matured all elements of security operations. He is a passionate user of many open-source solutions and loves working with new implementations of Snort, Zeek, and SOF-ELK. He also has significant experience assessing and managing cyber risks and complying with HIPAA.
