Access Management , Endpoint Detection & Response (EDR) , Endpoint Security
Essential Steps for Battling Ransomware AttacksMitch Parker, CISO of Indiana University Health, Spells Out Critical Actions
Healthcare organizations need to take several critical steps to help mitigate the risk of ransomware attacks, including implementing endpoint detection and response software and regularly testing the integrity of their backups, says Mitch Parker, CISO of Indiana University Health.
See Also: LIVE Webinar | Hackers Don't Back Down, So You Need to Back Up: Data Security's Hardest Truths
"Make sure you have good EDR software … and that you're able to correlate and examine the logs … to see if there's anything in there that looks unusual," he says in a video interview with Information Security Media Group.
Backup integrity checking and testing are also absolute musts, he says.
"You have to make sure you can actually restore your backups. ... You have to make sure the backups actually work. And that nice backup to the cloud [may be] convenient, but if you have 90 terabytes of data pulled out over a gig line, it's going to be a while before your system gets back online and you can actually do work."
Entities also should regularly review who has access to networks and the level of privilege. "If there are accounts in there from a number of people who left one or two years ago - and that's not uncommon, sadly - you have to get rid of those accounts," he says.
It is also essential for entities to review the level of remote access they're permitting and the security of that access, says Parker, who is a speaker at the Healthcare Information and Management Systems Society 2021 conference in Las Vegas this week.
In this video interview, Parker also discusses:
- Other top concerns about ransomware attacks;
- The threat of spyware to personal mobile devices, such as smartphones, that are brought into healthcare environments;
- His organization's top security priorities and projects for the months ahead.
Parker is the executive director of information security and compliance at Indiana University Health. His areas of interest include improving security governance, regulatory compliance and working with a large variety of customers to address their business needs and incorporate risk management into all aspects of the business process.