How are you approaching security challenges in the healthcare space?

Security & GRCThreat & Vulnerability ManagementThreat Intelligence & Incident Response
930 views1 Upvote6 Comments
CISO in Software, 51 - 200 employees
What are your risks for those lab machines?
CISO in Software, 51 - 200 employees
There's a company that I recently learned about for ransomware called Airgap Networks. They can map out your entire environment. They can show you what your machines are connected to, or have the ability to connect to throughout your network. And it can make a rule saying, hey, this Windows PC doesn't need to connect to all this stuff. It should only connect to printers and file shares so you can block all those other connections. In addition, if an attacker does get in somehow, if you try to go to the next machine, it's going to stop you and make you authenticate via MFA. So, that's going to slow the people down. And then if all that fails and you see ransomware proliferation throughout your network, there's an easy stop button. You pre-program that button to protect all of your crown jewels (file servers, database servers, everywhere your IP is). When you hit that stop button it allows everyone to continue to work, but it stops everybody from accessing all those key systems until you figure out what the heck is going on. Everybody else I talked to about ransomware only offers to restore your system through one drive and I don't want to do that in the first place.
1 1 Reply
Managing Director, 1,001 - 5,000 employees

Those prevention mechanisms are key. I've seen a lot of cybersecurity incidents happen and the root cause analysis of them. There's a lot of entry ways, but air gapping and having MFA in place, and of course having your backups, are the key ways to be able to prevent it.

Senior Information Security Manager in Software, 501 - 1,000 employees
I am not in the healthcare space but have a lot of friends who are.

 

Any everyone who is in healthcare security is concerned with ransomware. It is the biggest challenge they are facing now, and will be a massive concern in 2021.
1 1 Reply
CEO in Software, 11 - 50 employees

Agree. My experience is that Ransomware doesn’t discriminate. Everyone is getting impacted. Perhaps Healthcare pays (urgency) and hence a better target.

1
Director of Information Security (ISO) in Software, 51 - 200 employees
I’ve aligned our company to comply with the CSF as well as blended in other frameworks
2

Content you might like

So far this year, $210 Million worth of ransomware payments have been tracked by analytics firm Chainalsyis. How much will have been spent in ransomware transactions by the end of the year?

Governance, Risk & ComplianceSecurity & GRCRisk Management+7 more

$300 - $400 Million30%

$401 - $500 Million45%

$501-$600 Million6%

$600 Million +7%

Unsure11%


175 PARTICIPANTS
477 views

Are you planning to improve endpoint security in the next 12 months with any of these additional capabilities?

Security & GRCThreat & Vulnerability ManagementIdentity & Access Management (IAM)+8 more

Patch management: to reduce attack surface and avoid system misconfigurations39%

Malware and ransomware prevention: to protect endpoints from social engineering attacks58%

Malware and fileless malware detection and response: to protect against malicious software49%

Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls32%

Not planning to change endpoint security strategy10%


185 PARTICIPANTS
409 views

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
142 19 Replies
Read More Comments
41k views131 Upvotes319 Comments

Does the risk of Ransomware and malware propagation bother you? Is IoT security a top of mind for you? To protect against many risks, we have witnessed success of micro-segmentation in the data center. Would you be willing to deploy similar solution for the campus? I am very curious to get your feedback?

Security & GRCThreat & Vulnerability Management
Read More Comments
2.8k views5 Upvotes5 Comments

Any recommendations on OT security product? I tried pushing Crowdstrike but it wasn't approved by OEMs. Other two are Claroty and Nozomi. Any feedback either on above two or any other as per your experience?

Security & GRCStrategy & Architecture
Read More Comments
1.8k views1 Upvote2 Comments