Ransomware Preparedness in Healthcare – Are you Doing the Basics?

The following is a guest article by Chad Peterson, Managing Director at NetSPI.

As ransomware attacks become more sophisticated, healthcare organizations have become desirable targets due to the valuable data shared across medical records and the constant need for service availability. In fact, a recent JAMA Health Forum report indicates that from 2016 to 2021, the annual number of ransomware attacks on the healthcare sector more than doubled.

With the rise in these attacks, healthcare organizations must have an in-depth understanding of their security posture, including how breaches may occur and how to take an offensive approach to defend against them. As such, IT administrators must ensure they are addressing basic security needs. They can achieve this by taking the following three foundational steps.

Implement Standard Security Protocols

The first step for IT leaders to ensure ransomware preparedness is to implement security protocols that help prevent attacks before they occur. This includes checking for vulnerabilities and misconfigurations through vulnerability scanning and continuously patching systems when weaknesses are identified. Penetration testing should also be routinely conducted to proactively identify and verify exploitable vulnerabilities in IT systems. Continuous pentesting, which often takes the form of attack surface management, helps identify and protect assets exposed externally. Awareness of an organization’s potential entry points is especially cr...
Source: EMR and HIPAA - Category: Information Technology - Source Type: blogs