THE ATTACK SURFACE OF THE HEALTHCARE INDUSTRY
OCTOBER 21, 2020
BIT DISCOVERY

JEREMIAH GROSSMAN
• CEO, Bit Discovery
• 20 years in Information Security
• Founder of WhiteHat Security
• Black Belt in Brazilian Jiu-Jitsu
Coalition serves over 25,000 small and midsize organizations across every sector of the US and Canada. Report covers not just “breaches,” but breaches resulting in material harm.
ASSET INVENTORY: IMPORTANCE
Bit Discovery 2020
FEDERAL TRADE COMMISSION, Plaintiff, v. EQUIFAX INC., Defendant.
ASSET INVENTORY: USE-CASES
• Vulnerability & Patch Management
• Third-Party Risk Management
• Mergers & Acquisition
• Cyber-Insurance
• Policy & Compliance
• Security Ratings
• Incident Response
• Sales & Marketing Enablement
• Investments
ABOUT THE DATA
“COPY” OF THE INTERNET
• Generated by Bit Discovery + 400 data sources.
• WHOIS databases, domain names, ASN, ports, service banners, technology stack, website index page(s), full TLS certificate info, email addresses, password dumps, etc.
• Each asset has potentially 115 unique data points.
• Each data point updated daily-to-monthly.
• Hundreds of snapshots collected over 5 years.
Largest Data-Set of Its Kind
*missing ~30% of the Internet*
• 4.5 Billion DNS Entries
• 200+ Internet Snapshots
• 515 Data Sources
• 115 Data Columns
• 150 Years of CPU Time
INVENTORY ANALYSIS
INSIGHTS
What do you want to know?
• How many websites, VPNs, mail servers, DNS servers, SSH servers, etc.?
• How many of what assets are “in the cloud” or use a particular CDN?
• How many assets have expired or soon-to-be-expired TLS certificates?
• What assets are using or NOT using PHP, Drupal, Citrix, F5, WordPress, etc.?
• In what countries are assets located?
• What assets or services should probably not be externally exposed (RDP, MySQL, Dev/Staging)?
By Organization / By Industry / Your Inventory
ASSET
as·set | ˈaset |
noun
a domain name, subdomain, or IP address, and/or any combination thereof, of a device connected to the Internet or an internal network.
• (an asset) may include, but is not limited to, web servers, name servers, IoT devices, or network printers.
Total Assets (hospitals & health)
The total number of Internet-connected assets globally.
[Bar chart; organizations: HCA, Ascension, Tenet, Trinity, Vibra, Community Health, Atrium, CommonSpirit, LifePoint, Providence, MEDIAN. Values shown, in extraction order: 1,897; 1,883; 183; 10,594; 749; 10,594; 356; 3,506; 788; 1,910; 104,605.]
Total Assets (Healthcare)
The total number of Internet-connected assets globally.
[Bar chart; organizations: Cardinal, Kaiser, McKesson, Anthem, CVS, Cigna, Humana, UnitedHealth, MEDIAN. Values shown, in extraction order: 21,360; 108,759; 18,645; 6,360; 43,153; 19,900; 22,819; 70,645; 10,020.]
Domain Names
The total number of registered domain names.
[Bar chart, Hospitals & Health panel; organizations: HCA, Ascension, Tenet, Trinity, Vibra, Community Health, Atrium, CommonSpirit, LifePoint, Providence, MEDIAN. Values shown, in extraction order: 107; 90; 3; 1,286; 50; 1,286; 36; 307; 38; 123; 5,264.]
[Bar chart, Healthcare panel; organizations: Cardinal, Kaiser, McKesson, Anthem, CVS, Cigna, Humana, UnitedHealth, MEDIAN. Values shown, in extraction order: 808; 5,615; 204; 404; 953; 1,434; 1,086; 663; 523.]
Cloud Assets
The percentage of Internet-accessible and cloud-hosted assets. Cloud providers include Amazon Web Services, Microsoft Azure, Google App Engine, and others.
[Bar chart, Hospitals & Health panel; organizations: HCA, Ascension, Tenet, Trinity, Vibra, Community Health, Atrium, CommonSpirit, LifePoint, Providence, MEDIAN. Values shown, in extraction order: 15.40%; 16.78%; 24.59%; 15.40%; 7.88%; 15.40%; 14.04%; 32.94%; 0.63%; 5.18%; 53.70%.]
[Bar chart, Healthcare panel; organizations: Cardinal, Kaiser, McKesson, Anthem, CVS, Cigna, Humana, UnitedHealth, MEDIAN. Values shown, in extraction order: 8.54%; 6.26%; 83.91%; 15.30%; 1.17%; 10.82%; 5.01%; 2.83%; 44.26%.]
CDN Assets
The percentage of Internet-accessible assets being served by a well-known Content Delivery Network. CDNs include Akamai, Cloudflare, Fastly, and others.
[Bar chart, Hospitals & Health panel; organizations: HCA, Ascension, Tenet, Trinity, Vibra, Community Health, Atrium, CommonSpirit, LifePoint, Providence, MEDIAN. Values shown, in extraction order: 1.05%; 0.74%; 0.00%; 8.14%; 0.27%; 8.14%; 0.00%; 1.23%; 4.06%; 1.36%; 0.19%.]
[Bar chart, Healthcare panel; organizations: Cardinal, Kaiser, McKesson, Anthem, CVS, Cigna, Humana, UnitedHealth, MEDIAN. Values shown, in extraction order: 1.59%; 3.38%; 0.19%; 1.45%; 0.33%; 0.02%; 10.54%; 0.59%; 2.94%.]
Certificate Authorities
The number of unique Certificate Authorities seen across the Internet-accessible assets.
[Bar chart, Hospitals & Health panel; organizations: HCA, Ascension, Tenet, Trinity, Vibra, Community Health, Atrium, CommonSpirit, LifePoint, Providence, MEDIAN. Values shown, in extraction order: 22; 19; 4; 27; 7; 27; 5; 25; 9; 27; 46.]
[Bar chart, Healthcare panel; organizations: Cardinal, Kaiser, McKesson, Anthem, CVS, Cigna, Humana, UnitedHealth, MEDIAN. Values shown, in extraction order: 47; 106; 24; 37; 42; 45; 60; 48; 50.]
Expired TLS Certs
The number of expired TLS Certificates seen across the Internet-accessible assets.
[Bar chart, Hospitals & Health panel; organizations: HCA, Ascension, Tenet, Trinity, Vibra, Community Health, Atrium, CommonSpirit, LifePoint, Providence, MEDIAN. Values shown, in extraction order: 59; 55; 5; 103; 10; 103; 1; 81; 17; 63; 97.]
[Bar chart, Healthcare panel; organizations: Cardinal, Kaiser, McKesson, Anthem, CVS, Cigna, Humana, UnitedHealth, MEDIAN. Values shown, in extraction order: 243; 433; 14; 556; 107; 88; 614; 221; 264.]
Countries Hosting
The number of countries hosting Internet-accessible assets.
[Bar chart, Hospitals & Health panel; organizations: HCA, Ascension, Tenet, Trinity, Vibra, Community Health, Atrium, CommonSpirit, LifePoint, Providence, MEDIAN. Values shown, in extraction order: 6; 3; 4; 9; 2; 9; 3; 8; 4; 8; 16.]
[Bar chart, Healthcare panel; organizations: Cardinal, Kaiser, McKesson, Anthem, CVS, Cigna, Humana, UnitedHealth, MEDIAN. Values shown, in extraction order: 16; 20; 10; 23; 15; 13; 17; 11; 18.]
Private IP-Space
The number of Internet-connected assets where the hostname resolves to non-routable RFC 1918 internal IP addresses.
[Bar chart, Hospitals & Health panel; organizations: HCA, Ascension, Tenet, Trinity, Vibra, Community Health, Atrium, CommonSpirit, LifePoint, Providence, MEDIAN. Values shown, in extraction order: 4; 3; 0; 5; 2; 5; 0; 1; 25; 8; 30.]
[Bar chart, Healthcare panel; organizations: Cardinal, Kaiser, McKesson, Anthem, CVS, Cigna, Humana, UnitedHealth, MEDIAN. Values shown, in extraction order: 42; 408; 3; 9; 98; 8; 691; 15; 68.]
WordPress (Healthcare)
Extremely popular free and open-source content management system. WordPress assets were scanned with WPScan, which includes vulnerabilities in WordPress plug-ins.

                     WordPress   WordPress        Websites with      Median vulns per
                     websites    vulnerabilities  >=1 vulnerability  WordPress website
                     (median)    (median)         (median)
Hospitals & Health   17          0                0                  0
Healthcare           70          106              5                  16
GUIDANCE
“Every security program must begin with an asset inventory.”
Jeremiah Grossman, CEO, Bit Discovery
• Asset Inventory (Attack Surface Map)
• Multi-factor Authentication
• Email Security
• Routine Backups
• Wire Transfer Verification
• Password Management
CAVEATS
Data Collection:
• Our Internet scanners sometimes use ANY-type lookups, and not all service providers support ANY-type DNS lookups (e.g. Cloudflare).
• Round-robin DNS sometimes finds a lot of assets, sometimes a few, and changes frequently.
• DNS servers and resolvers sometimes experience outages.
• DNS responses may exceed TTL.
• DNS servers may selectively block requests.
Issues with Organization Asset Inventory:
• Assets that are subdomains of a third-party-owned domain (e.g. <company>.wpengine.com, <company>.salesforce.com, etc.) may cause issues.
• Assets not listed in certificate transparency and/or without a public DNS entry (e.g. they use internal DNS and a self-signed cert).
• DNS names falling outside the RFC standard, e.g. "example_site.com" (~1%).
• Wildcard (*) DNS entries.
• DNS providers responding with erroneous information due to a breach.
• WHOIS redaction due to GDPR.
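As an added example (not Bit Discovery's code or data), the Python below computes the inventory figures the deck charts (expired TLS certificates, hostnames resolving into RFC 1918 space, medians across organizations) and flags the inventory caveats listed above (wildcard entries, hostnames outside the RFC hostname rules, subdomains under a third-party-owned domain) over a constructed snapshot. The organization names, hostnames, addresses and dates are made up, and the third-party suffix list is an assumption drawn from the two providers named in the caveats.

```python
"""Asset-inventory checks over a constructed inventory snapshot.

Added example, not Bit Discovery's code or data. It computes the kinds of
figures the deck charts (expired TLS certs, hostnames resolving to RFC 1918
space, medians across organizations) and flags the inventory caveats the deck
lists (wildcard DNS entries, non-RFC hostnames, third-party-owned subdomains).
"""
import re
from dataclasses import dataclass
from datetime import date
from ipaddress import ip_address, ip_network
from statistics import median
from typing import Optional

# RFC 1123 label: letters, digits and hyphens, 1-63 chars, no leading/trailing hyphen.
LABEL_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

# The three RFC 1918 private ranges; a public hostname resolving here leaks
# internal addressing (the deck's "Private IP-Space" metric).
RFC1918_NETS = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
                ip_network("192.168.0.0/16")]

# Provider domains under which a customer owns only a subdomain (assumed list,
# taken from the deck's <company>.wpengine.com / <company>.salesforce.com caveat).
THIRD_PARTY_SUFFIXES = ("wpengine.com", "salesforce.com")


@dataclass(frozen=True)
class Asset:
    org: str
    hostname: str
    ip: Optional[str]               # resolved A record, None if it did not resolve
    cert_not_after: Optional[date]  # TLS certificate expiry, None if no cert was seen


def is_rfc1123_hostname(name: str) -> bool:
    """True when every label of the hostname follows RFC 1123 (underscores fail)."""
    if not name or len(name) > 253:
        return False
    return all(LABEL_RE.match(label) for label in name.rstrip(".").split("."))


def is_wildcard(name: str) -> bool:
    """Wildcard entries inflate or hide asset counts depending on how they are probed."""
    return name.startswith("*.")


def is_third_party_owned(name: str) -> bool:
    """Hostname sits under a provider-owned domain rather than the org's own."""
    return any(name == s or name.endswith("." + s) for s in THIRD_PARTY_SUFFIXES)


def resolves_to_rfc1918(ip: Optional[str]) -> bool:
    """Public DNS answer pointing into non-routable RFC 1918 space."""
    if ip is None:
        return False
    addr = ip_address(ip)
    return addr.version == 4 and any(addr in net for net in RFC1918_NETS)


def cert_expired(asset: Asset, today: date) -> bool:
    return asset.cert_not_after is not None and asset.cert_not_after < today


def summarize(assets, today):
    """Per-organization counts in the deck's chart style, plus the median across orgs."""
    per_org = {}
    for a in assets:
        row = per_org.setdefault(a.org, {"assets": 0, "expired_tls": 0, "private_ip": 0})
        row["assets"] += 1
        row["expired_tls"] += int(cert_expired(a, today))
        row["private_ip"] += int(resolves_to_rfc1918(a.ip))
    medians = {metric: median(row[metric] for row in per_org.values())
               for metric in ("assets", "expired_tls", "private_ip")}
    return per_org, medians


def inventory_caveats(assets):
    """Records to review before trusting them as owned, countable assets."""
    flags = []
    for a in assets:
        if is_wildcard(a.hostname):
            flags.append((a.hostname, "wildcard DNS entry"))
        elif not is_rfc1123_hostname(a.hostname):
            flags.append((a.hostname, "hostname violates RFC 1123"))
        if is_third_party_owned(a.hostname):
            flags.append((a.hostname, "subdomain of a third-party-owned domain"))
    return flags


TODAY = date(2020, 10, 21)  # the presentation date
SAMPLE = [  # constructed records; none of these are real organizations or hosts
    Asset("OrgA", "www.orga.example", "203.0.113.10", date(2021, 3, 1)),
    Asset("OrgA", "old.orga.example", "203.0.113.11", date(2019, 12, 31)),      # expired
    Asset("OrgA", "intranet.orga.example", "10.20.30.40", None),               # RFC 1918
    Asset("OrgA", "*.orga.example", "203.0.113.12", None),                     # wildcard
    Asset("OrgB", "portal.orgb.example", "198.51.100.5", date(2020, 10, 20)),  # expired
    Asset("OrgB", "example_site.orgb.example", "198.51.100.6", None),          # non-RFC
    Asset("OrgB", "orgb.wpengine.com", "198.51.100.7", date(2022, 1, 1)),      # 3rd party
    Asset("OrgC", "vpn.orgc.example", "192.168.1.1", date(2021, 6, 30)),       # RFC 1918
]

if __name__ == "__main__":
    per_org, medians = summarize(SAMPLE, TODAY)
    for org, row in per_org.items():
        print(f"{org}: {row}")
    print(f"MEDIAN: {medians}")
    for hostname, reason in inventory_caveats(SAMPLE):
        print(f"review {hostname}: {reason}")
```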

Weitere ähnliche Inhalte

Was ist angesagt?

Survival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationSurvival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient Organization
Tripwire
 

Was ist angesagt? (20)

Seen at InfoSec Europe 2015: Spot your Snowden!
Seen at InfoSec Europe 2015: Spot your Snowden!Seen at InfoSec Europe 2015: Spot your Snowden!
Seen at InfoSec Europe 2015: Spot your Snowden!
 
Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬Network Security‬ and Big ‪‎Data Analytics‬
Network Security‬ and Big ‪‎Data Analytics‬
 
The X Factor in Data Centric Security
The X Factor in Data Centric SecurityThe X Factor in Data Centric Security
The X Factor in Data Centric Security
 
Cybersecurity by the numbers
Cybersecurity by the numbersCybersecurity by the numbers
Cybersecurity by the numbers
 
Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46Smoothwall and Ampliphae - Networkshop46
Smoothwall and Ampliphae - Networkshop46
 
Cyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teamsCyber risk tips for boards and executive teams
Cyber risk tips for boards and executive teams
 
Sqrrl 2.0 Launch Webinar
Sqrrl 2.0 Launch WebinarSqrrl 2.0 Launch Webinar
Sqrrl 2.0 Launch Webinar
 
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and ControlWhose Cloud Is It Anyway: Exploring Data Security Ownership and Control
Whose Cloud Is It Anyway: Exploring Data Security Ownership and Control
 
Quantifying Cloud Risk for Your Corporate Leadership
Quantifying Cloud Risk for Your Corporate LeadershipQuantifying Cloud Risk for Your Corporate Leadership
Quantifying Cloud Risk for Your Corporate Leadership
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative World
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
The Definitive CASB Business Case Kit - Presentation
The Definitive CASB Business Case Kit - PresentationThe Definitive CASB Business Case Kit - Presentation
The Definitive CASB Business Case Kit - Presentation
 
From Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber ResilienceFrom Cybersecurity to Cyber Resilience
From Cybersecurity to Cyber Resilience
 
FusionX & Accenture: One Global Security Team
FusionX & Accenture: One Global Security TeamFusionX & Accenture: One Global Security Team
FusionX & Accenture: One Global Security Team
 
ISOC Efforts in Collaborative Responsibility Toward Internet Security and Res...
ISOC Efforts in Collaborative Responsibility Toward Internet Security and Res...ISOC Efforts in Collaborative Responsibility Toward Internet Security and Res...
ISOC Efforts in Collaborative Responsibility Toward Internet Security and Res...
 
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and MobilityNot Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
Not Going Quietly: Gracefully Losing Control & Adapting to Cloud and Mobility
 
Acsc threat report_2016
Acsc threat report_2016Acsc threat report_2016
Acsc threat report_2016
 
Big Data Analytics to Enhance Security
Big Data Analytics to Enhance SecurityBig Data Analytics to Enhance Security
Big Data Analytics to Enhance Security
 
Survival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient OrganizationSurvival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient Organization
 
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_ReedThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
ThinAir Endpoint Visibility Security HIMSS2018 Brian_Reed
 

Ähnlich wie The Attack Surface of the Healthcare Industry

如何應用 AWS AIoT 幫助醫療產業面對 Covid-19
如何應用 AWS AIoT 幫助醫療產業面對 Covid-19如何應用 AWS AIoT 幫助醫療產業面對 Covid-19
如何應用 AWS AIoT 幫助醫療產業面對 Covid-19
Amazon Web Services
 
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
PECB
 
It Security Overview
It Security OverviewIt Security Overview
It Security Overview
joegleinser
 

Ähnlich wie The Attack Surface of the Healthcare Industry (20)

How to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare SectorHow to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare Sector
 
New regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscapeNew regulations and the evolving cybersecurity technology landscape
New regulations and the evolving cybersecurity technology landscape
 
Where data security and value of data meet in the cloud brighttalk webinar ...
Where data security and value of data meet in the cloud   brighttalk webinar ...Where data security and value of data meet in the cloud   brighttalk webinar ...
Where data security and value of data meet in the cloud brighttalk webinar ...
 
Who is the next target proactive approaches to data security
Who is the next target   proactive approaches to data securityWho is the next target   proactive approaches to data security
Who is the next target proactive approaches to data security
 
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI ComplianceBest Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
Best Practices to Protect Cardholder Data Environment and Achieve PCI Compliance
 
Cyber Security Whitepaper 2018 | vTech Solution
Cyber Security Whitepaper 2018 | vTech SolutionCyber Security Whitepaper 2018 | vTech Solution
Cyber Security Whitepaper 2018 | vTech Solution
 
Ivanti threat thursday deck october v2
Ivanti threat thursday deck october v2Ivanti threat thursday deck october v2
Ivanti threat thursday deck october v2
 
Building Digital Trust
   Building Digital Trust   Building Digital Trust
Building Digital Trust
 
IGPC Data Breach Planning braindump
IGPC Data Breach Planning braindumpIGPC Data Breach Planning braindump
IGPC Data Breach Planning braindump
 
如何應用 AWS AIoT 幫助醫療產業面對 Covid-19
如何應用 AWS AIoT 幫助醫療產業面對 Covid-19如何應用 AWS AIoT 幫助醫療產業面對 Covid-19
如何應用 AWS AIoT 幫助醫療產業面對 Covid-19
 
Practical risk management for the multi cloud
Practical risk management for the multi cloudPractical risk management for the multi cloud
Practical risk management for the multi cloud
 
Webzurich - The State of Web Security in Switzerland
Webzurich - The State of Web Security in SwitzerlandWebzurich - The State of Web Security in Switzerland
Webzurich - The State of Web Security in Switzerland
 
Impact of Zero Trust Cyber Security on Healthcare 4.0
Impact of Zero Trust Cyber Security on Healthcare 4.0 Impact of Zero Trust Cyber Security on Healthcare 4.0
Impact of Zero Trust Cyber Security on Healthcare 4.0
 
Convince your board - cyber attack prevention is better than cure
Convince your board - cyber attack prevention is better than cureConvince your board - cyber attack prevention is better than cure
Convince your board - cyber attack prevention is better than cure
 
21 Cybersecurity Companies You Need to Know.pptx
21 Cybersecurity Companies You Need to Know.pptx21 Cybersecurity Companies You Need to Know.pptx
21 Cybersecurity Companies You Need to Know.pptx
 
Cyber Resilience: managing 3rd Party Risks in Financial Services
Cyber Resilience: managing 3rd Party Risks in Financial ServicesCyber Resilience: managing 3rd Party Risks in Financial Services
Cyber Resilience: managing 3rd Party Risks in Financial Services
 
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
 
It Security Overview
It Security OverviewIt Security Overview
It Security Overview
 
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection   ulf mattsson - oracle nyoug sep ...Practical advice for cloud data protection   ulf mattsson - oracle nyoug sep ...
Practical advice for cloud data protection ulf mattsson - oracle nyoug sep ...
 
Cybersecurity Skill and Resilience Gap Assessment
Cybersecurity Skill and Resilience Gap AssessmentCybersecurity Skill and Resilience Gap Assessment
Cybersecurity Skill and Resilience Gap Assessment
 

Mehr von Jeremiah Grossman

Ransomware is Here: Fundamentals Everyone Needs to Know
Ransomware is Here: Fundamentals Everyone Needs to KnowRansomware is Here: Fundamentals Everyone Needs to Know
Ransomware is Here: Fundamentals Everyone Needs to Know
Jeremiah Grossman
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Jeremiah Grossman
 
WhiteHat’s Website Security Statistics Report 2015
WhiteHat’s Website Security Statistics Report 2015WhiteHat’s Website Security Statistics Report 2015
WhiteHat’s Website Security Statistics Report 2015
Jeremiah Grossman
 
Million Browser Botnet
Million Browser BotnetMillion Browser Botnet
Million Browser Botnet
Jeremiah Grossman
 
WhiteHat Security Website Statistics [Full Report] (2013)
WhiteHat Security Website Statistics [Full Report] (2013)WhiteHat Security Website Statistics [Full Report] (2013)
WhiteHat Security Website Statistics [Full Report] (2013)
Jeremiah Grossman
 

Mehr von Jeremiah Grossman (20)

All these vulnerabilities, rarely matter
All these vulnerabilities, rarely matterAll these vulnerabilities, rarely matter
All these vulnerabilities, rarely matter
 
Exploring the Psychological Mechanisms used in Ransomware Splash Screens
Exploring the Psychological Mechanisms used in Ransomware Splash ScreensExploring the Psychological Mechanisms used in Ransomware Splash Screens
Exploring the Psychological Mechanisms used in Ransomware Splash Screens
 
What the Kidnapping & Ransom Economy Teaches Us About Ransomware
What the Kidnapping & Ransom Economy Teaches Us About RansomwareWhat the Kidnapping & Ransom Economy Teaches Us About Ransomware
What the Kidnapping & Ransom Economy Teaches Us About Ransomware
 
What the Kidnapping & Ransom Economy Teaches Us About Ransomware
What the Kidnapping & Ransom Economy Teaches Us About RansomwareWhat the Kidnapping & Ransom Economy Teaches Us About Ransomware
What the Kidnapping & Ransom Economy Teaches Us About Ransomware
 
Next Generation Endpoint Prtection Buyers Guide
Next Generation Endpoint Prtection Buyers GuideNext Generation Endpoint Prtection Buyers Guide
Next Generation Endpoint Prtection Buyers Guide
 
Can Ransomware Ever Be Defeated?
Can Ransomware Ever Be Defeated?Can Ransomware Ever Be Defeated?
Can Ransomware Ever Be Defeated?
 
Ransomware is Here: Fundamentals Everyone Needs to Know
Ransomware is Here: Fundamentals Everyone Needs to KnowRansomware is Here: Fundamentals Everyone Needs to Know
Ransomware is Here: Fundamentals Everyone Needs to Know
 
Web Application Security Statistics Report 2016
Web Application Security Statistics Report 2016Web Application Security Statistics Report 2016
Web Application Security Statistics Report 2016
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
 
WhiteHat’s Website Security Statistics Report 2015
WhiteHat’s Website Security Statistics Report 2015WhiteHat’s Website Security Statistics Report 2015
WhiteHat’s Website Security Statistics Report 2015
 
No More Snake Oil: Why InfoSec Needs Security Guarantees
No More Snake Oil: Why InfoSec Needs Security GuaranteesNo More Snake Oil: Why InfoSec Needs Security Guarantees
No More Snake Oil: Why InfoSec Needs Security Guarantees
 
WhiteHat Security 2014 Statistics Report Explained
WhiteHat Security 2014 Statistics Report ExplainedWhiteHat Security 2014 Statistics Report Explained
WhiteHat Security 2014 Statistics Report Explained
 
WhiteHat 2014 Website Security Statistics Report
WhiteHat 2014 Website Security Statistics ReportWhiteHat 2014 Website Security Statistics Report
WhiteHat 2014 Website Security Statistics Report
 
Million Browser Botnet
Million Browser BotnetMillion Browser Botnet
Million Browser Botnet
 
WhiteHat Security Website Statistics [Full Report] (2013)
WhiteHat Security Website Statistics [Full Report] (2013)WhiteHat Security Website Statistics [Full Report] (2013)
WhiteHat Security Website Statistics [Full Report] (2013)
 
Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012
 
WhiteHat’s 12th Website Security Statistics [Full Report]
WhiteHat’s 12th Website Security Statistics [Full Report]WhiteHat’s 12th Website Security Statistics [Full Report]
WhiteHat’s 12th Website Security Statistics [Full Report]
 
Web Breaches in 2011-“This is Becoming Hourly News and Totally Ridiculous"
Web Breaches in 2011-“This is Becoming Hourly News and Totally Ridiculous"Web Breaches in 2011-“This is Becoming Hourly News and Totally Ridiculous"
Web Breaches in 2011-“This is Becoming Hourly News and Totally Ridiculous"
 

Kürzlich hochgeladen

Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Monica Sydney
 
PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptxPowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
galaxypingy
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
ydyuyu
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Monica Sydney
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
JOHNBEBONYAP1
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
ayvbos
 
75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx
Asmae Rabhi
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
pxcywzqs
 

Kürzlich hochgeladen (20)

APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
 
PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptxPowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
 
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
best call girls in Hyderabad Finest Escorts Service 📞 9352988975 📞 Available ...
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
 
75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx75539-Cyber Security Challenges PPT.pptx
75539-Cyber Security Challenges PPT.pptx
 
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
 
Power point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria IuzzolinoPower point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria Iuzzolino
 
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime NagercoilNagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 

The Attack Surface of the Healthcare Industry

  • 2. •CEO, Bit Discovery •20 years in Information Security •Founder of WhiteHat Security •Black Belt in Brazilian Jiu-Jitsu JEREMIAH GROSSMAN
  • 3. Coalition serves over 25,000 small and midsize organizations across every sector of the US and Canada. Report covers not just “breaches,” but breaches resulting in material harm.
  • 4.
  • 5.
  • 6.
  • 8. Bit Discovery 2020 FEDERAL TRADE COMMISSION, Plaintiff, v. EQUIFAX INC., Defendant.
  • 9. Bit Discovery 2020 USE-CASES ASSET INVENTORY • Vulnerability & Patch Management • Third-Party Risk Management • Mergers & Acquisition • Cyber-Insurance • Policy & Compliance • Security Ratings • Incident Response • Sales & Marketing Enablement • Investments
  • 11. Bit Discovery 2020 INTERNET “COPY” OF THE • Generated by Bit Discovery + 400 data sources. • WHOIS databases, domain names, ASN, ports, service banners, technology stack, website index page(s), full TLS certificate info, email addresses, password dumps, etc. • Each asset has potentially 115 unique data points. • Each data point updated daily-to-monthly. • Hundreds of snapshots collected over 5 years. Largest Data-Set Of It’s Kind *missing ~30% of the Internet* 4.5 Billion DNS Entries 200+ INTERNET SNAPSHOTS 515 DATA SOURCES 115 DATA COLUMNS 150 YEARS OF CPU TIME
  • 13. Bit Discovery 2020 INSIGHTS What do you want to know? • How many websites, VPNs, mail servers, DNS servers, SSH servers, etc.? • How many of what assets are “in the cloud” or use a particular CDN? • How many assets have expired or soon-to-be expired TLS certificates? • What asset are using or NOT using PHP, Drupal, Citrix, F5, Wordpress, etc.? • In what countries are assets located? • What assets or services should probably not be externally exposed (RDP, MySQL, Dev/ Staging)? By Organization By Industry Your Inventory
  • 14. Bit Discovery 2020 ASSET as·set | ˈaset | noun a domain name, subdomain, or IP addresses and/or combination thereof of a device connected to the Internet or internal network. • (an asset) may include, but not limited to, web servers, name servers, IoT devices, or network printers.
  • 15. Total Assets (hospitals & health) The total number of Internet-connected assets globally. HCA Ascension Tenet Trinity Vibra Community Health Atrium CommonSpirit LifePoint Providence MEDIAN 0 30,000 60,000 90,000 120,000 1,897 1,883 183 10,594 749 10,594 356 3,506 788 1,910 104,605
  • 16. Total Assets (Healthcare) The total number of Internet-connected assets globally. Cardinal Kaiser McKesson Anthem CVS Cigna Humana UnitedHealth MEDIAN 0 30,000 60,000 90,000 120,000 21,360 108,759 18,645 6,360 43,153 19,900 22,819 70,645 10,020
  • 17. Domain Names The total number of registered domain names. HCA Ascension Tenet Trinity Vibra Community Health Atrium CommonSpirit LifePoint Providence MEDIAN 0 1,500 3,000 4,500 6,000 107 90 3 1,286 50 1,286 36 307 38 123 5,264 Cardinal Kaiser McKesson Anthem CVS Cigna Humana UnitedHealth MEDIAN 0 1,500 3,000 4,500 6,000 808 5,615 204 404 953 1,434 1,086 663 523 Hospitals & Health Healthcare
  • 18. Cloud Assets The percentage of Internet-accessible and cloud-hosted assets. Cloud providers include Amazon Web Services, Microsoft Azure, Google App Engine, and others. HCA Ascension Tenet Trinity Vibra Community Health Atrium CommonSpirit LifePoint Providence MEDIAN 0 0 0 0 1 15.40% 16.78% 24.59% 15.40% 7.88% 15.40% 14.04% 32.94% 0.63% 5.18% 53.70% Cardinal Kaiser McKesson Anthem CVS Cigna Humana UnitedHealth MEDIAN 0 0 0 1 1 8.54% 6.26% 83.91% 15.30% 1.17% 10.82% 5.01% 2.83% 44.26% Hospitals & Health Healthcare
• 19. CDN Assets
The percentage of Internet-accessible assets being served by a well-known Content Delivery Network. CDNs include Akamai, Cloudflare, Fastly, and others.
Hospitals & Health:
  HCA                  0.19%
  Ascension            1.36%
  Tenet                4.06%
  Trinity              1.23%
  Vibra                0.00%
  Community Health     8.14%
  Atrium               0.27%
  CommonSpirit         8.14%
  LifePoint            0.00%
  Providence           0.74%
  MEDIAN               1.05%
Healthcare:
  Cardinal             2.94%
  Kaiser               0.59%
  McKesson            10.54%
  Anthem               0.02%
  CVS                  0.33%
  Cigna                1.45%
  Humana               0.19%
  UnitedHealth         3.38%
  MEDIAN               1.59%
• 20. Certificate Authorities
The number of unique Certificate Authorities seen across the Internet-accessible assets.
Hospitals & Health:
  HCA                     46
  Ascension               27
  Tenet                    9
  Trinity                 25
  Vibra                    5
  Community Health        27
  Atrium                   7
  CommonSpirit            27
  LifePoint                4
  Providence              19
  MEDIAN                  22
Healthcare:
  Cardinal                50
  Kaiser                  48
  McKesson                60
  Anthem                  45
  CVS                     42
  Cigna                   37
  Humana                  24
  UnitedHealth           106
  MEDIAN                  47
• 21. Expired TLS Certs
The number of expired TLS certificates seen across the Internet-accessible assets.
Hospitals & Health:
  HCA                     97
  Ascension               63
  Tenet                   17
  Trinity                 81
  Vibra                    1
  Community Health       103
  Atrium                  10
  CommonSpirit           103
  LifePoint                5
  Providence              55
  MEDIAN                  59
Healthcare:
  Cardinal               264
  Kaiser                 221
  McKesson               614
  Anthem                  88
  CVS                    107
  Cigna                  556
  Humana                  14
  UnitedHealth           433
  MEDIAN                 243
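The expired-certificate count above is the kind of figure an inventory owner can reproduce against their own asset list. The following is an added example (not Bit Discovery's tooling) that classifies certificates as expired, not yet valid, expiring within 30 days, or valid. It works on the dict shape that Python's ssl.SSLSocket.getpeercert() returns, so the constructed sample runs offline with the deck's date (October 21, 2020) pinned as "now"; the hostnames and certificate dates are invented. The live fetch_status() path is the part a practitioner actually points at an inventory, and it carries the gotcha that matters: with verification enabled, an expired certificate fails the handshake before getpeercert() is reachable, so expiry has to be read from the verification error, while with verification disabled getpeercert() returns an empty dict and the dates are lost.

```python
"""Classify TLS certificate validity for an inventory of hosts (added example).

cert_status() works on the dict shape returned by ssl.SSLSocket.getpeercert()
(only 'notBefore'/'notAfter' are needed), so the sample runs offline.
fetch_status() is the live path and is only used from main().
"""
import socket
import ssl
import time

# Constructed sample inventory: invented hostnames paired with the dates a
# verified getpeercert() call would return. Not real hosts or certificates.
SAMPLE_CERTS = {
    "portal.example": {"notBefore": "Jan  1 00:00:00 2020 GMT",
                       "notAfter": "Mar 31 23:59:59 2020 GMT"},   # expired
    "api.example":    {"notBefore": "Sep  1 00:00:00 2020 GMT",
                       "notAfter": "Nov  5 23:59:59 2020 GMT"},   # expiring soon
    "www.example":    {"notBefore": "Sep  1 00:00:00 2020 GMT",
                       "notAfter": "Sep  1 00:00:00 2021 GMT"},   # valid
    "old.example":    {"notBefore": "Dec  1 00:00:00 2020 GMT",
                       "notAfter": "Dec  1 00:00:00 2021 GMT"},   # not yet valid
}
# The deck's date, pinned as "now" so the sample classification is reproducible.
REPORT_TIME = ssl.cert_time_to_seconds("Oct 21 00:00:00 2020 GMT")
WARN_DAYS = 30


def cert_status(cert, now=REPORT_TIME, warn_days=WARN_DAYS):
    """Return 'expired', 'not-yet-valid', 'expiring' or 'valid' for one cert dict."""
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if now > not_after:
        return "expired"
    if now < not_before:
        return "not-yet-valid"
    if not_after - now < warn_days * 86400:
        return "expiring"
    return "valid"


def summarize(certs, now=REPORT_TIME):
    """Count hosts per status; 'expired' is the slide's metric."""
    counts = {"expired": 0, "not-yet-valid": 0, "expiring": 0, "valid": 0}
    for cert in certs.values():
        counts[cert_status(cert, now)] += 1
    return counts


def fetch_status(host, port=443, timeout=5.0):
    """Live check for one host (needs network; not exercised by the sample).

    Verification stays on: an expired cert aborts the handshake, so it is
    classified from the verification error (verify_code 10 is OpenSSL's
    X509_V_ERR_CERT_HAS_EXPIRED). With CERT_NONE, getpeercert() would
    return {} and the dates would be unavailable.
    """
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return cert_status(tls.getpeercert(), time.time())
    except ssl.SSLCertVerificationError as e:
        return "expired" if e.verify_code == 10 else f"verify-failed:{e.verify_message}"
    except (OSError, ssl.SSLError) as e:
        return f"error:{e.__class__.__name__}"


if __name__ == "__main__":
    for host, cert in SAMPLE_CERTS.items():
        print(f"{host:16} {cert_status(cert)}")
    print(summarize(SAMPLE_CERTS))
```

Run it as-is to see the sample classification; to check a real inventory, call fetch_status() per hostname. Hosts that are only reachable by IP, or that present a certificate for a different name, come back as verify-failed rather than expired, which is itself an inventory finding worth recording.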
• 22. Countries Hosting
The number of countries hosting Internet-accessible assets.
Hospitals & Health:
  HCA                     16
  Ascension                8
  Tenet                    4
  Trinity                  8
  Vibra                    3
  Community Health         9
  Atrium                   2
  CommonSpirit             9
  LifePoint                4
  Providence               3
  MEDIAN                   6
Healthcare:
  Cardinal                18
  Kaiser                  11
  McKesson                17
  Anthem                  13
  CVS                     15
  Cigna                   23
  Humana                  10
  UnitedHealth            20
  MEDIAN                  16
• 23. Private IP-Space
The number of Internet-connected assets where the hostname resolves to non-routable RFC 1918 internal IP addresses.
Hospitals & Health:
  HCA                     30
  Ascension                8
  Tenet                   25
  Trinity                  1
  Vibra                    0
  Community Health         5
  Atrium                   2
  CommonSpirit             5
  LifePoint                0
  Providence               3
  MEDIAN                   4
Healthcare:
  Cardinal                68
  Kaiser                  15
  McKesson               691
  Anthem                   8
  CVS                     98
  Cigna                    9
  Humana                   3
  UnitedHealth           408
  MEDIAN                  42
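A public hostname that answers with an RFC 1918 address leaks internal addressing and usually marks a record that should never have been in external DNS. The following is an added example (not Bit Discovery's code) of how to compute the slide's metric from an inventory's DNS answers. The resolution map is constructed and the hostnames invented; resolve_live() is the network path for a real list. The deliberate point is the range check: Python's ipaddress is_private covers loopback, link-local, the TEST-NET documentation blocks and more, so it over-counts an "RFC 1918" metric, and the example matches the three RFC 1918 networks exactly while still bucketing the other non-routable answers separately.

```python
"""Flag inventory hostnames whose public DNS answers land in RFC 1918 space
(added example). classify_addresses() works on a constructed hostname->addresses
map so it runs offline; resolve_live() uses the system resolver.
"""
import ipaddress
import socket

# Exactly RFC 1918. ipaddress's is_private is broader (loopback, link-local,
# TEST-NETs, ...) and would inflate this metric.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598, also not routable


def classify_ip(addr):
    """Bucket one address: rfc1918, loopback, link-local, cgnat,
    other-nonroutable (IPv6 ULA, TEST-NETs, ...) or public."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4 and any(ip in net for net in RFC1918):
        return "rfc1918"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.version == 4 and ip in CGNAT:
        return "cgnat"
    if not ip.is_global:
        return "other-nonroutable"
    return "public"


def classify_addresses(resolutions):
    """Map each hostname to the sorted set of buckets its answers fall in.
    A name can be split, e.g. one public and one private A record."""
    return {host: sorted({classify_ip(a) for a in addrs})
            for host, addrs in resolutions.items()}


def private_space_assets(resolutions):
    """The slide's metric: hostnames with at least one RFC 1918 answer."""
    return sorted(host for host, buckets in classify_addresses(resolutions).items()
                  if "rfc1918" in buckets)


def resolve_live(hosts):
    """Resolve names with the system resolver; unresolvable names get []."""
    out = {}
    for host in hosts:
        try:
            out[host] = sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})
        except socket.gaierror:
            out[host] = []
    return out


# Constructed answers; the names are invented and the addresses illustrative.
SAMPLE_RESOLUTIONS = {
    "www.example":      ["8.8.8.8"],                   # public
    "intranet.example": ["10.1.2.3"],                  # RFC 1918 leak
    "vpn.example":      ["8.8.4.4", "172.31.255.1"],   # split: public + private
    "edge.example":     ["172.32.0.1"],                # just outside 172.16/12
    "dev.example":      ["127.0.0.1"],                 # loopback
    "printer.example":  ["169.254.1.1"],               # link-local
    "cg.example":       ["100.64.1.1"],                # CGNAT, not RFC 1918
    "v6.example":       ["fd00::1"],                   # IPv6 ULA
}

if __name__ == "__main__":
    for host, buckets in classify_addresses(SAMPLE_RESOLUTIONS).items():
        print(f"{host:18} {', '.join(buckets)}")
    print("RFC 1918 assets:", private_space_assets(SAMPLE_RESOLUTIONS))
```

For a real inventory, feed resolve_live(hostnames) into private_space_assets(). The 172.32.0.1 entry is there on purpose: 172.16.0.0/12 ends at 172.31.255.255, and a hand-written prefix check on "172." is a common way to mis-count this metric.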
• 24. WordPress (Healthcare)
Extremely popular free and open-source content management system. WordPress assets were scanned with WPScan, which also checks for vulnerabilities in WordPress plug-ins.
                                                           Hospitals & Health   Healthcare
Total (median) WordPress websites                                   17               70
Total (median) WordPress vulnerabilities                             0              106
Total (median) WordPress websites with at least 1 vulnerability      0                5
Median # of vulnerabilities per WordPress website                    0               16
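The four figures on the WordPress slide are a roll-up of per-site WPScan results. The following is an added example (not Bit Discovery's pipeline) that produces the same four figures from WPScan's JSON output (wpscan --url <site> --format json). It assumes only the part of that format that carries findings: the "version", "main_theme" and per-plugin "plugins" objects each have a "vulnerabilities" list, and "version" or "main_theme" can be null when WPScan could not fingerprint them. The five reports are constructed samples for invented sites. Note that the slide's per-site median must be taken over sites with at least one finding (over all 70 healthcare sites, with only 5 vulnerable, it would be 0), and that is how it is computed here.

```python
"""Roll WPScan JSON reports up into the WordPress slide's four figures
(added example). Only the 'vulnerabilities' lists under 'version',
'main_theme' and 'plugins' are assumed; everything else in a report is ignored.
"""
import json
from statistics import median

# Constructed reports for five invented sites, one scan each. Not real output.
SAMPLE_REPORTS = {
    "clinic-a.example": json.dumps({
        "version": {"number": "5.4.1", "vulnerabilities": [{"title": "core-1"}]},
        "main_theme": {"slug": "twentytwenty", "vulnerabilities": []},
        "plugins": {"contact-form": {"vulnerabilities": [{"title": "p-1"}, {"title": "p-2"}]}},
    }),
    "clinic-b.example": json.dumps({
        "version": {"number": "5.5", "vulnerabilities": []},
        "main_theme": {"slug": "astra", "vulnerabilities": []},
        "plugins": {},
    }),
    "clinic-c.example": json.dumps({
        "version": None,                      # core version not fingerprinted
        "main_theme": {"slug": "custom", "vulnerabilities": [{"title": "t-1"}]},
        "plugins": {"slider": {"vulnerabilities": [{"title": "s-1"}]},
                    "seo": {"vulnerabilities": []}},
    }),
    "clinic-d.example": json.dumps({
        "version": {"number": "5.5.1", "vulnerabilities": []},
        "main_theme": None,                   # theme not fingerprinted
        "plugins": {},
    }),
    "clinic-e.example": json.dumps({
        "version": {"number": "4.9", "vulnerabilities": [{"title": "c-1"}, {"title": "c-2"}, {"title": "c-3"}]},
        "main_theme": {"slug": "x", "vulnerabilities": []},
        "plugins": {},
    }),
}


def count_vulns(report):
    """Total findings in one report: core + main theme + every plugin."""
    data = json.loads(report) if isinstance(report, str) else report
    total = 0
    for section in (data.get("version"), data.get("main_theme")):
        if section:                           # missing or null when not fingerprinted
            total += len(section.get("vulnerabilities", []))
    for plugin in (data.get("plugins") or {}).values():
        total += len(plugin.get("vulnerabilities", []))
    return total


def summarize(reports):
    """The slide's four figures for one industry's set of scanned sites."""
    per_site = {site: count_vulns(r) for site, r in reports.items()}
    vulnerable = {s: n for s, n in per_site.items() if n > 0}
    return {
        "wordpress_websites": len(per_site),
        "wordpress_vulnerabilities": sum(per_site.values()),
        "websites_with_vulnerability": len(vulnerable),
        "median_vulns_per_vulnerable_site": median(vulnerable.values()) if vulnerable else 0,
    }


if __name__ == "__main__":
    for site, report in SAMPLE_REPORTS.items():
        print(f"{site:18} {count_vulns(report)} finding(s)")
    print(summarize(SAMPLE_REPORTS))
```

Counting findings this way matches what WPScan reports for the fingerprinted version, which is an upper bound: WPScan lists every published issue for the detected core, theme and plugin versions, and a site may have some of them mitigated by configuration or a WAF, so the numbers are a prioritisation signal rather than confirmed exploitability.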
• 26. Every security program must begin with an asset inventory.
Jeremiah Grossman, CEO, Bit Discovery
• Asset Inventory (Attack Surface Map)
• Multi-factor Authentication
• Email Security
• Routine Backups
• Wire Transfer Verification
• Password Management
• 28. Bit Discovery 2020 CAVEATS
Data Collection:
• Our Internet scanners sometimes use ANY-type DNS lookups, and not all providers answer ANY queries (e.g. Cloudflare).
• Round-robin DNS sometimes yields many assets, sometimes few, and the answers change frequently.
• DNS servers and resolvers sometimes experience outages.
• Cached DNS responses may be served past their TTL.
• DNS servers may selectively block requests.
Issues with Organization Asset Inventory:
• Assets that are subdomains of a third-party domain (e.g. <company>.wpengine.com, <company>.salesforce.com, etc.) are hard to attribute to the organization.
• Assets that do not appear in Certificate Transparency logs and/or have no public DNS entry (e.g. they use internal DNS and a self-signed cert).
• DNS names that fall outside the RFC standard, such as "example_site.com" with an underscore (~1%).
• Wildcard (*) DNS entries.
• DNS providers responding with erroneous information due to a breach.
• WHOIS redaction due to GDPR.