TRENDING:

Access Management , Endpoint Detection & Response (EDR) , Endpoint Security

Essential Steps for Battling Ransomware Attacks

Mitch Parker, CISO of Indiana University Health, Spells Out Critical Actions Marianne Kolbasuk McGee (HealthInfoSec) • August 11, 2021    
Mitch Parker, CISO of Indiana University Health

Healthcare organizations need to take several critical steps to help mitigate the risk of ransomware attacks, including implementing endpoint detection and response software and regularly testing the integrity of their backups, says Mitch Parker, CISO of Indiana University Health.

See Also: LIVE Webinar | Hackers Don't Back Down, So You Need to Back Up: Data Security's Hardest Truths

"Make sure you have good EDR software … and that you're able to correlate and examine the logs … to see if there's anything in there that looks unusual," he says in a video interview with Information Security Media Group.

Backup integrity checking and testing are also absolute musts, he says.

"You have to make sure you can actually restore your backups. ... You have to make sure the backups actually work. And that nice backup to the cloud [may be] convenient, but if you have 90 terabytes of data pulled out over a gig line, it's going to be a while before your system gets back online and you can actually do work."

Access Reviews

Entities also should regularly review who has access to networks and the level of privilege. "If there are accounts in there from a number of people who left one or two years ago - and that's not uncommon, sadly - you have to get rid of those accounts," he says.

It is also essential for entities to review the level of remote access they're permitting and the security of that access, says Parker, who is a speaker at the Healthcare Information and Management Systems Society 2021 conference in Las Vegas this week.

In this video interview, Parker also discusses:

  • Other top concerns about ransomware attacks;
  • The threat of spyware to personal mobile devices, such as smartphones, that are brought into healthcare environments;
  • His organization's top security priorities and projects for the months ahead.

Parker is the executive director of information security and compliance at Indiana University Health. His areas of interest include improving security governance, regulatory compliance and working with a large variety of customers to address their business needs and incorporate risk management into all aspects of the business process.

Previous
BlackMatter Group Debuts Linux-Targeting Ransomware
Next
10 Initial Access Broker Trends: Cybercrime Service Evolves

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.



Around the Network

Integrating Generative AI Into the Threat Detection Process
Integrating Generative AI Into the Threat Detection Process
What's Inside Washington State's New My Health My Data Act
What's Inside Washington State's New My Health My Data Act
Why Legacy Medical Systems Are a Growing Concern
Why Legacy Medical Systems Are a Growing Concern
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
How to Simplify Data Protection within your Organization
How to Simplify Data Protection within your Organization
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
HHS OCR Leader: Agency Is Cracking Down on Website Trackers
Are We Facing a Massive Cybersecurity Threat?
Are We Facing a Massive Cybersecurity Threat?
CyberArk CEO Touts New Browser That Secures Privileged Users
CyberArk CEO Touts New Browser That Secures Privileged Users
Top Privacy Considerations for Website Tracking Tools
Top Privacy Considerations for Website Tracking Tools
Checking Out Security Before Using AI Tools in Healthcare
Checking Out Security Before Using AI Tools in Healthcare

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.