How are you approaching security challenges in the healthcare space?

930 views1 Upvote6 Comments

CISO in Software, 51 - 200 employees
What are your risks for those lab machines?
CISO in Software, 51 - 200 employees
There's a company that I recently learned about for ransomware called Airgap Networks. They can map out your entire environment. They can show you what your machines are connected to, or have the ability to connect to throughout your network. And it can make a rule saying, hey, this Windows PC doesn't need to connect to all this stuff. It should only connect to printers and file shares so you can block all those other connections. In addition, if an attacker does get in somehow, if you try to go to the next machine, it's going to stop you and make you authenticate via MFA. So, that's going to slow the people down. And then if all that fails and you see ransomware proliferation throughout your network, there's an easy stop button. You pre-program that button to protect all of your crown jewels (file servers, database servers, everywhere your IP is). When you hit that stop button it allows everyone to continue to work, but it stops everybody from accessing all those key systems until you figure out what the heck is going on. Everybody else I talked to about ransomware only offers to restore your system through one drive and I don't want to do that in the first place.
1 1 Reply
Managing Director, 1,001 - 5,000 employees

Those prevention mechanisms are key. I've seen a lot of cybersecurity incidents happen and the root cause analysis of them. There's a lot of entry ways, but air gapping and having MFA in place, and of course having your backups, are the key ways to be able to prevent it.

Senior Information Security Manager in Software, 501 - 1,000 employees
I am not in the healthcare space but have a lot of friends who are.


Any everyone who is in healthcare security is concerned with ransomware. It is the biggest challenge they are facing now, and will be a massive concern in 2021.
1 1 Reply
CEO in Software, 11 - 50 employees

Agree. My experience is that Ransomware doesn’t discriminate. Everyone is getting impacted. Perhaps Healthcare pays (urgency) and hence a better target.

Director of Information Security (ISO) in Software, 51 - 200 employees
I’ve aligned our company to comply with the CSF as well as blended in other frameworks

Content you might like

Patch management: to reduce attack surface and avoid system misconfigurations39%

Malware and ransomware prevention: to protect endpoints from social engineering attacks58%

Malware and fileless malware detection and response: to protect against malicious software49%

Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls32%

Not planning to change endpoint security strategy10%



CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
41k views131 Upvotes319 Comments