The Webinar Wednesday presentation “Defending Against Ransomware in Healthcare – 5 More Steps You Can Take Today” was sponsored by Cynerio and eligible for 1 credit from the ACI.
In this 60-minute webinar, Cynerio Security Evangelist Chad Holmes discussed how ransomware attacks on health care environments have continued to rise significantly for the third year in a row. The rise in these attacks has also resulted in a better understanding of why and how they happen. In short, the health care industry provides a target-rich environment with lagging security practices and highly valuable data. Unfortunately, those lagging practices are not evolving at a rate that will deter attackers.
The Cynerio team discussed five areas where health care facilities can begin to improve security practices. The discussion including a range of topics from guiding principles in understanding attacker motives to adopting specific new technologies. The presentation served as a guidance to improve a facility’s risk posture and reduce the likelihood of becoming the victim of a successful attack.
Holmes also answered questions after his presentation.
He explained the HHS website’s “Wall of Shame” in response to a question about the statistics used during the presentation.
Holmes said that the Health and Human Services (HHS) has what’s nicknamed the Wall of Shame, where it lists every single breach. The website shows more than 700 breaches last year.
“That website also shows the number of records exposed, which is where that 40 million number comes from,” Holmes said. “That $20 billion or $21 billion cost is from an analyst’s report, I believe.”
Another question was, “Why is there such a rise in ransomware attacks over the last few years?”
Holmes explained that bad actors often go after easier targets.
“Hospitals are the low hanging fruit. If you look, I’m going to pick on Goldman Sachs because they’re easy to pick on. If you look at Goldman Sachs, they know where every dollar is spent. And they know how much they can invest in cybersecurity to protect every single dollar they make. So, they overinvest in security, because they know exactly the value there,” Holmes said. “Hospitals, on the other hand, overinvest in patient care, which is what we want them to do, that’s not a critique of them. But the reality is that hospital cybersecurity practices lag nearly every other industry. When you combine that with the fact that they have incredibly valuable data in the form of records, then you have this environment where they have low cybersecurity practices, valuable information, and they’re under enormous stress, from COVID right now, all hands on deck to do whatever they can, to help with the actual care of patients.”
“So, the reality is that it’s a very easy target with lower defenses, and hackers are evil people that want to make money off that the easiest way they can, and that’s what they’re doing,” he added. “It’s just kind of a sad, simple reality.”
Holmes answered more questions, and the complete presentation is available for on-demand viewing at WebinarWednesday.live.
The webinar was popular with almost 100 registered attendees. A post-webinar survey collected positive feedback including answers to the question, “Why did you attend today’s webinar? And, was it worth your time?”
“Safe HDO networks are valuable. Understanding how to directly respond to an attack is something we should all understand and be prepared for. Thank you for the presentation,” Biomed J. Cozadd said.
“To learn more about ransomware attack prevention and cybersecurity. Yes, it was,” Clinical Engineering Manager P. Graham said.
“I am interested in new technologies and new approach to issues,” QA Manager A. Warren said.
For more information, including a list of upcoming presentations, visit WebinarWednesday.live.