COVID-19 , Fraud Management & Cybercrime , Incident & Breach Response
Preparing the Entire Workforce for Devastating CyberattacksAttorney Erik Weinick of Otterbourg on Critical Ransomware Considerations
It is essential that entities across all industries - and especially in healthcare - better train and prepare every type and level of worker on how to respond to potentially devastating ransomware attacks, says privacy and security attorney Erik Weinick of law firm Otterbourg PC.
"It can't just be the folks running the IT systems. In the case of a hospital - the doctors, the nurses, the [drug] dispensary [personnel] - need to have systems in place and understand what they're going to do if the technical systems that they rely on are unavailable," Weinick says in an interview with Information Security Media Group.
"How are they going to preform procedures … dispense medication … track information … and turn patients over between shifts," he asks, listing some of the many considerations that staff must plan and prepare for in advance.
As the pandemic wears on, Weinick says, ransomware and other cyberattacks - as well as the COVID-19 virus itself - will continue to morph.
"We've seen a lot of new participants in the healthcare sector," he says. "That includes organizations that have not traditionally been entrusted with healthcare-related information that now find themselves in possession of it but may not have the infrastructure in place to safely deal with it."
For instance, COVID testing and walk-in clinics "have literally popped up on every street corner," he says, but "in their race to deploy services … many have not built their information security infrastructures to match what they're doing."
As a result, they may find themselves "very vulnerable to ransomware and other attacks."
In the interview (see audio link below photo), Weinick also discusses:
- Steps new businesses should take to better safeguard health and other sensitive data;
- Planning for ransomware attacks that could potentially affect patient quality of care;
- Data security and privacy considerations for once the pandemic winds down.
Weinick is a co-founder of law firm Otterbourg’s privacy and cybersecurity practice. His experience includes privacy and cybersecurity, bankruptcy, commercial torts, defamation/slander, education, employment and labor, insurance, lender liability, noncompetition agreements, professional malpractice, real estate, regulatory, SEC receiverships and unfair/deceptive trade practices.