How to Protect Your Organization From a Cyber Attack
By: Jacquie Shapiro, Director, Reinsurance & Programs at Tokio Marine HCC – Cyber & Professional Lines Group
Cyberattacks continue to be of primary concern for business leaders in all sectors. Increased sophistication of cyber criminals, a growing base of connected devices (aka, “the attack surface”), and human vulnerability all contribute to an environment rife with cyber security risks that continue to be exploited by criminals.
Ransomware is a leading cyber crime against health care organizations
A mid-size physician’s practice fell victim to a ransomware attack, in which more than 100 computers were affected. The computers contained confidential patient information, which may have been compromised during the breach. The practice did not pay the ransom and instead focused its efforts on reconfiguring the impacted computers and servers and restoring the data from a backup. Under state privacy laws, the practice was required to notify almost 280,000 patients about the breach. Cyber insurance covered the breach notification costs, which totaled approximately $750,000.
Ransomware, malware that encrypts data and demands payment in return for the decryption key, is one of the leading cyber crimes. Though a cyber breach can have many causes, phishing scams and negligence remain the most prevalent ones for health care organizations, and ransomware costs are rising significantly, which we anticipate will continue throughout 2021.
Health care organizations hold sensitive information of significant value, including names, addresses, dates of birth, social security numbers, and insurance information. A medical record on the dark web sells for triple the cost of any other record. Because the payoff is higher, criminals are highly motivated to target health care organizations.
How to protect your organization from a cyber attack
As we cannot predict the course of events, thorough and proactive preparation is imperative. While cyber insurance is one of the primary means of mitigating costs, there are also new tools, processes and technologies that organizations should employ to protect themselves and prevent potential losses including:
- Implementing next-generation, cloud-enabled endpoint protection, such as the one provided by CrowdStrike, is highly effective in protecting systems against network ransomware variants.
- Requiring two-factor authentication (2FA), such as the one offered by Duo, on all remote access to your network adds a protective barrier to entry.
- Disabling unnecessary remote desktop gateways.
- Making sure you have segregated, offsite backups, such as the one offered by Datto. The likelihood of having to pay a ransom is dramatically reduced if there is an intact backup solution to recover the data.
- Applying spam filtering and email configuration to block phishing attacks.
- Providing employee phishing training and simulations to help keep staff aware of potential risks and to keep them informed on the current state of cyber security risks.
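The two remote-access items in this checklist (2FA on all remote access and disabling unnecessary remote desktop gateways) are only useful if someone actually verifies them on each host. The script below is an added example, not part of the original article and not code from any of the vendors named above; it is a read-only PowerShell audit of one Windows machine's Remote Desktop exposure. It assumes an elevated session, an English-language Windows build (the firewall rule group name "Remote Desktop" is locale-specific), and that the Remote Desktop Gateway role, when installed, runs as the TSGateway service. The thresholds it warns on are the ones this article argues for; nothing is changed on the host.

```powershell
# Added example (not from the original article): audit one Windows host's
# Remote Desktop exposure so the checklist items "disable unnecessary remote
# desktop gateways" and "2FA on all remote access" can be checked, not assumed.
# Read-only. Run in an elevated PowerShell session.

$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpTcp = Join-Path $tsKey 'WinStations\RDP-Tcp'

$findings = [ordered]@{}

# 1. Is Remote Desktop enabled at all? fDenyTSConnections = 1 means disabled.
$deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections -ErrorAction SilentlyContinue).fDenyTSConnections
$findings['RdpEnabled'] = ($deny -eq 0)

# 2. Network Level Authentication: UserAuthentication = 1 forces the client to
#    authenticate before a session is created, which removes the unauthenticated
#    attack surface that exposed RDP is known for.
$nla = (Get-ItemProperty -Path $rdpTcp -Name UserAuthentication -ErrorAction SilentlyContinue).UserAuthentication
$findings['NlaRequired'] = ($nla -eq 1)

# 3. Is the Remote Desktop Gateway role service present and running on this host?
#    (Assumption: the role registers itself as the TSGateway service.)
$gw = Get-Service -Name TSGateway -ErrorAction SilentlyContinue
$findings['GatewayServicePresent'] = ($null -ne $gw)
$findings['GatewayServiceRunning'] = [bool]($gw -and $gw.Status -eq 'Running')

# 4. Is anything listening on the default RDP port right now?
$listen = Get-NetTCPConnection -LocalPort 3389 -State Listen -ErrorAction SilentlyContinue
$findings['Port3389Listening'] = [bool]$listen

# 5. Are the built-in inbound "Remote Desktop" firewall rules enabled?
#    (Assumption: English locale; the display group name differs elsewhere.)
$fwRules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -Direction Inbound -ErrorAction SilentlyContinue
$findings['InboundFirewallRulesEnabled'] = [bool]($fwRules | Where-Object { $_.Enabled -eq 'True' })

# Print the raw findings, then flag the combinations the checklist argues against.
$findings.GetEnumerator() | ForEach-Object { '{0,-30} {1}' -f $_.Key, $_.Value }

if ($findings['RdpEnabled'] -and -not $findings['NlaRequired']) {
    Write-Warning 'Remote Desktop is enabled without Network Level Authentication.'
}
if ($findings['Port3389Listening'] -and -not $findings['RdpEnabled']) {
    Write-Warning 'Port 3389 is listening although Remote Desktop is disabled; identify the listener.'
}
if ($findings['GatewayServiceRunning']) {
    Write-Warning 'A Remote Desktop Gateway is running on this host. Confirm it is still needed and that every login through it requires 2FA.'
}
if (-not $findings['RdpEnabled'] -and $findings['InboundFirewallRulesEnabled']) {
    Write-Warning 'Inbound Remote Desktop firewall rules are enabled on a host that does not use RDP; consider disabling them.'
}
```

Run it on each workstation and server (for example through the remote-management tooling you already use) and keep the output with the date; a host that was clean last quarter and now shows a running gateway or a missing NLA setting is exactly the kind of drift that the checklist is meant to catch before an attacker does.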
These solutions are at the core of staving off ransomware events and network infiltration. With every passing day, the lines between professional best practices and cyber risk management become more and more blurred. We believe that putting a few simple tactics and tools into practice can be effective, measurable and achievable.
Resources like CyberNET® can help a practice understand the cyber risks it faces, with access to best practices, compliance and incident response guidelines, sample policies, and vendor agreement templates.
CyberNET is available to all MMIC, UMIA and Arkansas Mutual policyholders and can be accessed after signing into your account at ConstellationMutual.com. Go to Risk Resources > Tools & Resources > Cyber Prevention Resources.
Constellation is a trademark of Constellation, Inc.