Don ’t Let the Adversary Operate In Your Blind Spot

The following is a guest article by Dave Bailey, VP of Security Services at Clearwater. Today’s adversaries are successfully taking advantage of a user’s likelihood to open a malicious file, click a malicious link, or steal a user’s identity to launch disruptive and potentially destructive attacks. Once the weakness is exploited, they launch their attacks, steal sensitive information, and extort businesses for financial gain. In addition, most healthcare providers experience critical disruption to care delivery and mission-critical functions. A successful adversary was able to operate in an organization’s “blind spot” throughout the attack. If you are at the point of negotiating with the cyber-criminal to not go public or to get your data back, it usually means the following occurred within the blind spot:  One or more individuals clicked a link or opened a malicious file Malware was installed in the environment A device or system was missing an available patch or upgrade One or more account credentials were compromised A cyber-criminal spent time in your network undetected Data was exfiltrated from the network Unfortunately, there isn’t a way to eliminate the blind spot; however, there are must-do behaviors that can minimize the impacts of these types of attacks and build resiliency within the organization. It is important to highlight these activities as behaviors, and not have them looked upon as projects that have a start and end. Too many organizations ...
Source: EMR and HIPAA - Category: Information Technology Authors: Tags: Ambulatory C-Suite Leadership Health IT Company Healthcare IT Hospital - Health System LTPAC Security and Privacy Assess Risk Blind Spot Clearwater Compromised Data Cyber Vigilance Cyber-Criminal Cybersecurity CynergisTek Dav Source Type: blogs