How are you approaching security challenges in the healthcare space?
Sort by:
I am not in the healthcare space but have a lot of friends who are.
Any everyone who is in healthcare security is concerned with ransomware. It is the biggest challenge they are facing now, and will be a massive concern in 2021.
Agree. My experience is that Ransomware doesn’t discriminate. Everyone is getting impacted. Perhaps Healthcare pays (urgency) and hence a better target.
There's a company that I recently learned about for ransomware called Airgap Networks. They can map out your entire environment. They can show you what your machines are connected to, or have the ability to connect to throughout your network. And it can make a rule saying, hey, this Windows PC doesn't need to connect to all this stuff. It should only connect to printers and file shares so you can block all those other connections. In addition, if an attacker does get in somehow, if you try to go to the next machine, it's going to stop you and make you authenticate via MFA. So, that's going to slow the people down. And then if all that fails and you see ransomware proliferation throughout your network, there's an easy stop button. You pre-program that button to protect all of your crown jewels (file servers, database servers, everywhere your IP is). When you hit that stop button it allows everyone to continue to work, but it stops everybody from accessing all those key systems until you figure out what the heck is going on. Everybody else I talked to about ransomware only offers to restore your system through one drive and I don't want to do that in the first place.
Those prevention mechanisms are key. I've seen a lot of cybersecurity incidents happen and the root cause analysis of them. There's a lot of entry ways, but air gapping and having MFA in place, and of course having your backups, are the key ways to be able to prevent it.
What are your risks for those lab machines?
I’ve aligned our company to comply with the CSF as well as blended in other frameworks