In honor of cybersecurity month in the US and Europe, Polymer’s CEO, Yasir Ali, recently spoke in a webinar about the growing prevalence of ransomware attacks – and how hospitals, medical providers and other healthcare organizations can protect themselves.
Here are 4 Key Takeaways:
Takeaway 1: Ransomware is as scary as it sounds
Not to be scare-mongering, but ransomware is an evolving and ever-present threat to today’s medical companies. Over the last ten years, cyber-criminals have fine-tuned their tactics so that these attacks are harder to evade.
A decade ago, a ransomware attack simply targeted an end user; today, many attacks are far more complex. The attacker starts by sending an email, then breaks into the organization’s infrastructure and secretly copies sensitive data. Once the timing is right, they launch the ransomware itself, often using bribery and threats to encourage the victim organization to pay up.
Because of this, about 95% of organizations today pay the ransom so that they can unlock their files and get back to business. In hospitals, it’s no wonder this is the case. With the rise of connected devices, it’s not just files that are at risk from a ransomware attack – but critical infrastructure and care equipment too.
Unfortunately, paying a ransom can have disastrous knock-on effects. For one, ransoms tend to cost at least six figures. Moreover, in terms of cyber insurance, a single ransomware attack can push your premium so high that you won’t be able to get cover at all.
Takeaway 2: The cloud is a leaky environment for many organizations
The cloud has proliferated at an unprecedented rate over the last ten years. 11 years ago, when AWS first started, basic building blocks like servers and databases were on offer. Today, vendors like Oracle, Snowflake, Microsoft and Amazon now provide all-in-one solutions as a service, creating a shared responsibility model between cloud providers and their clients.
However, because of the cybersecurity skills gap, organizations often don’t have the expertise to manage their cloud infrastructure correctly. As a result, sensitive data is at risk. Be it people sharing files they shouldn’t, misconfiguration issues or keys from a code base being shared publicly – we consistently see healthcare organizations inadvertently expose their PHI due to a lack of cloud know-how.
Takeaway 3: How to protect your organization from ransomware and sensitive data loss
As more and more healthcare organizations migrate to the cloud and embrace third party collaboration tools like Zoom and Teams, they need to embrace automated data protection to keep track of, and protect, PHI.
At Polymer, our solution for this is called the virtual compliance officer. It’s an automated way of analyzing sensitive data traffic in real-time, and redacting HIPAA data before it is shared with the wrong person or team.
The automation element of our product is crucial. We’ve already mentioned the skills gap within cybersecurity. Manually combing through employee interactions for signs of data loss is not only laborious, but a human is far too slow to keep track of widespread, digital communications within large healthcare organizations. While redacting sensitive data can’t protect you from a ransomware attack itself, it can ensure that, in the event that the worst happens, your PHI data is protected.
As well as this, it’s important not to forget the security basics – actions like vulnerability scanning, regular patching and enabling multi-factor authentication. We also recommend that you implement a strong password protection program on all employee desktops. This is a simple, cost-effective solution that can dramatically reduce the risk of a successful attack.
Takeaway 4: Cybersecurity is a people problem, not a technology problem
As little as 7% of your employees are responsible for 80% of the cybersecurity risks you face. Many of today’s ransomware attacks start with an unwitting employee clicking a malicious link by accident. To that end, cybersecurity is fundamentally a people problem. This means that training your staff can go a long way in fighting against ransomware and other attacks.
However, quarterly, dreary training won’t do the trick. You need to implement training that your people will actually take on board and that changes their behavior. One of the best ways to do this is through dynamic, on-the-job nudge training. This kind of coaching uses automation to interact with end users during the day-to-day workflow. If, for example, they go to share a sensitive document with a third party on Slack, the solution flags the action to them as risky and checks whether they want to go ahead. This can prevent a number of security incidents involving accidental insiders.
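The real-time PHI redaction described under Takeaway 3 and the sharing nudge described above, as an added illustration that is not Polymer’s code: a hypothetical outbound-message check that redacts a few HIPAA identifiers and prompts the sender before a message leaves the organization. The detectors, the domain `hospital.example` and the sample message are all constructed for the example.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, Optional

# Constructed, hypothetical detectors for a few HIPAA identifiers. A production
# DLP engine would use tuned, validated detectors; these are illustrative only.
PHI_PATTERNS = {
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "PHONE": re.compile(r"(?<!\d)\(?\d{3}\)?[-. ]\d{3}[-. ]\d{4}(?!\d)"),
    "MRN": re.compile(r"\bMRN[:#]?\s*\d{6,10}\b", re.IGNORECASE),
    "DOB": re.compile(r"\b(?:DOB|date of birth)[:\s]+\d{1,2}/\d{1,2}/\d{2,4}\b", re.IGNORECASE),
}

INTERNAL_DOMAIN = "hospital.example"  # hypothetical organization domain


@dataclass
class Decision:
    text: str                                               # message as it should be delivered
    findings: Dict[str, int] = field(default_factory=dict)  # PHI type -> number of hits
    nudge: Optional[str] = None                             # prompt shown to the sender, if any


def inspect_outbound(message: str, recipient_domain: str) -> Decision:
    """Scan an outgoing chat message; redact PHI and nudge the sender when
    the recipient is outside the organization. Internal traffic is logged only."""
    findings: Dict[str, int] = {}
    redacted = message
    for label, pattern in PHI_PATTERNS.items():
        hits = pattern.findall(redacted)
        if hits:
            findings[label] = len(hits)
            redacted = pattern.sub(f"[{label} REDACTED]", redacted)
    external = recipient_domain.lower() != INTERNAL_DOMAIN
    if not findings or not external:
        # Nothing sensitive, or an internal recipient: deliver unchanged.
        return Decision(message, findings)
    nudge = (f"This message contains {sum(findings.values())} PHI item(s) "
             f"({', '.join(findings)}) and is addressed outside {INTERNAL_DOMAIN}. "
             "Send the redacted version?")
    return Decision(redacted, findings, nudge)


# Constructed sample message, not a real patient record.
SAMPLE_MESSAGE = ("Pt Jane Doe, MRN 00482913, DOB 03/14/1962, SSN 123-45-6789, "
                  "call back at (555) 123-4567 re: results.")

if __name__ == "__main__":
    decision = inspect_outbound(SAMPLE_MESSAGE, "partnerlab.example")
    print(decision.nudge, decision.text, sep="\n")
```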