By Jeff Bell | Oct 21, 2022
3 minute read Technology| Blog
Ransomware threats and other forms of cybercrime are a top of mind business risk for healthcare and security leaders. While the Covid-19 pandemic drove substantial innovation and improvements in digital healthcare, including rapid adoption of telehealth and virtual visits, escalating cybersecurity threats have driven many healthcare organizations to increase focus and investment in cybersecurity technology, staff and effective operations.
Recovering from ransomware attacks proves difficult for healthcare
Take a look at recent data related to cyberattacks.
Each of these data breaches represent significant financial and operational impact to their respective organizations, and in some cases, especially in the case of ransomware attacks, disruption of important healthcare services to patients.
When we look at the types of incidents occurring in healthcare organizations, Kroll research indicates that ransomware is the most frequent, followed by email compromise, unauthorized access and compromised websites and web applications.
Kroll notes that the top initial attack vector during the time period analyzed was exploitation of vulnerabilities in remote services such as remote desktop protocol (RDP) or virtual private network (VPN) services. This underscores the importance of implementing effective security controls to mitigate vulnerabilities in remote services including vulnerability management, secure configuration, and strong authentication including multi-factor authentication.
Tactical ways to mitigate ransomware risks and protect against cyber crime
Below are questions that can help you evaluate your current state processes, encourage conversations about your investment in cybersecurity technology and uncover possible operational improvements and education needs — all with the goal to reduce the risk of ransomware attacks for your healthcare organization.
Evaluate threat and vulnerability management processes
Assess identity and access management
Have you deployed multi-factor authentication (MFA) for the following:
Protect against email and phishing scams
Understand your risk: supply chain, third parties and managed service providers
Be ready to respond to an incident
Have a backup, disaster recovery and business continuity plan
Call to action: Prepare for cybersecurity
The current state of cybersecurity in healthcare organizations requires a call to action. As healthcare IT and security leaders, we must not accept or ignore scenarios where our organizations fail to manage known cyber risk.
As we think about the upcoming year and our priorities, let’s take the time to review our cybersecurity program and compare our practices to the best practice recommendations in these resources.
Ways we can help
CereCore has a well-earned reputation for providing excellent IT services to its growing list of healthcare customers. As you work on improving your cybersecurity program to address the risks discussed above, we stand ready to help in these areas:
Detection and response during early stages of an attack may help you stop the attack or limit attack impact. Together, we can actively prepare for cybersecurity threats.
CISO, Advisory Services, CereCore
CISO, Advisory Services, CereCore
With the IPPS Final Rule, Medicare inpatient payment system rates were raised by a net of 2.9% for hospitals that meet regulatory compliance with their quality measures data. The ruling also ramped...
This article and video interview were originally published on Healthcare IT Today “EMR Optimization is a Continuous Process”.
Let us know how we can support your initiatives and take some of the heavy lifting from healthcare IT.
© All Rights Reserved CereCore Terms of Service California Notice at Collection Privacy Policy Responsible Disclosure