The war in Ukraine and the pandemic have both dramatically changed the cyberthreat landscape for healthcare entities.
There are many more employees working from home, as well as patients communicating with their physicians remotely. At the same time, governments have warned of potential cyberattacks by Russia.
Even without these threats, ransomware poses its own challenges. As Blaise Wabo, Healthcare and Financial Services Leader for A-Lign, explains in this podcast, it's a fast-growing threat. Deloitte research indicates that ransomware attacks increased by 1755% in 2021.
So how should healthcare entities respond? Start by focusing on your people, he advises. They tend to be the weakest link in the security chain. Some common challenges:
- A lack of encryption on their home Wi-Fi
- Routers still set to the default password
- Connecting from Starbucks, the airport or hotel without using a VPN
- Falling for a phishing attack
To manage the risk, he recommends starting with a risk assessment that includes third-party suppliers and your supply chain. Determine the vulnerabilities and rank the risks. Then begin implementing controls. Encrypt PHI, even in transit. Conduct phishing training for your staff. Hire a third party to do a penetration test and identify gaps in your security.
In addition to preventing problems, steps like these can help when one occurs, given the provisions of the HIPAA Safe Harbor Act.
Listen in for more advice and learn how to navigate an increasingly challenging cyber landscape.