Health sector
cybersecurity
Zero Trust Can Help Address Ransomware in Health Sector, Officials Say
Organizations might better address ransomware using a combination of basic cyber hygiene and zero trust security, health care executives said.
Rob Wood, chief information security officer at the Centers for Medicare and Medicaid Services, said that limiting resource access can slow the spread of malware in a compromised network, GovernmentCIO Media & Research reported.
He recommended that organizations identify their most critical systems and operations to maximize the impact of their cybersecurity investments.
“It’s smaller, isolated work that you can get done quickly, show return on investment and also protect what really matters,” Wood said during GovernmentCIO Media & Research’s CyberScape: Health Care virtual event.
Wood added that each part of the health care sector faces its own set of challenges in cybersecurity maturity.
St. Joseph’s/Candler, a hospital system in Savannah, Georgia, suffered a ransomware attack on June 17 and was forced to switch to pen and paper, local news station WSAV reported.
The critical nature of patient medical data makes them highly valuable in the black market, according to a health policy specialist from Rutgers University.
Professor Soumitra Bhuyan added that doctors do not want to inconvenience themselves with multi-factor authentication and other such security measures when accessing patient data, Savannah Morning News reported.
Jim Jones, a digital forensics assistant professor at George Mason University, attributed the increase in ransomware to the low barrier of entry for its business model.
Criminal hackers are not wedded to a particular business model and were able to switch to target the health care sector when the opportunity presented itself, Jones added.
Category: Digital Modernization