Upload File

cyber security update for healthcare · cyber security update for healthcare: what you need to...

  • Home
  • Documents
  • Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor
31
Cyber Security Update for Healthcare: What You Need to Know

Upload: others

Post on 28-May-2020

12 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

Cyber Security Update for Healthcare:

What You Need to Know

Page 2: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Derrick Weisbrod

Founding Advisor

Page 3: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Melony Tanko

President/Co-Founder

Page 4: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Learning Objectives

Page 5: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Top 3 breaches of 2017

Number of records breached

Page 6: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Molina Healthcare

Page 7: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Indiana Medicaid

Page 8: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Airway Oxygen

Page 9: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Top 3 Threats

Ransomware

Social Engineering

Phishing

Page 10: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Top 3 Threats

Files are encrypted and held for ransom

Examples like: Wannacry, Cryptolocker, Jigsaw

Often have to revert to backups because paying the ransom is never a good idea

Page 11: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Top 3 Threats

Most commonly occurs via email

Real world example: Wire transfer

Individuals are the target

Page 12: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Criminal actors posing as legit companies

Google and John Podesta

Individuals are the target

Top 3 Threats

Page 13: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Threats over the last 10 years

More sophisticated and effective

Increased financial damage

Target changes from businesses to individuals

Page 14: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

0

100,000,000

200,000,000

300,000,000

400,000,000

500,000,000

600,000,000

700,000,000

2008 2009 2010 2011 2012 2013 2014 2015 2016 2017

Malware in the millions

Total Malware

Page 15: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Malware Detection Sorted by Operating system

Windows Android MacOS Linux Other

Page 16: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

HIPAA Security Rule

Page 17: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

What are the basis for HIPAA Security Rules?

Page 18: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

What does best practice IT mean?

Tools being used

The way you are treated by the IT person

Keeping hardware warrantied

Testing data backups

Patching Systems proactively

Page 19: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Security Tools Used with Best Practice IT

• AV, Malware, IPS, IDS

Business Class Firewall

• In particular, with USB Controls

Business Class Antivirus

Page 20: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Security Tools Used with Best Practice IT

SPAM Filtering

Web Filtering

Keeping Security Subscriptions Maintained

What did Melony tell us about how these threats have changed?

Page 21: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Processes Deployed Best Practice IT

Patching

Operating Systems

Office Productivity

Tools

Other Third Party

Software Installed

Page 22: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Processes Deployed Best Practice IT

Page 23: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Processes Deployed Best Practice IT

Page 24: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Processes Deployed Best Practice IT

Page 25: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Processes Deployed Best Practice IT

Page 26: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Summary

Page 27: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

The Fines

5.5 Million dollars

Memorial Healthcare Systems

Page 28: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

2.5 Million dollars

CardioNet

The Fines

Page 29: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

University of Mississippi Medical Center

2.75 Million dollars

The Fines

Page 30: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT

Why is Security so Important?

Page 31: Cyber Security Update for Healthcare · Cyber Security Update for Healthcare: What You Need to Know. INTRODUCTION THREAT LANDSCAPE MITIGATION FALLOUT. Derrick Weisbrod. Founding Advisor

Thank You

Derrick Weisbrod

Founding Advisor

www.htadvisorsllc.com

Melony Tanko

President/Co-Founder

www.kypher.com


Healthcare Data Under Siege: Ransomware and the Cyber ... › sites › default › files › threatstop... · Healthcare Data Under Siege: Ransomware and the Cyber Threat Landscape

Supporting healthcare organizations in building cyber

National Survey Finds Healthcare Costs and Cyber Security Are … · 2020-06-23 · National Survey Finds Healthcare Costs and Cyber Security Are ... An infographic representation

Contested Environment Healthcare as a Cyber- · Healthcare as a Cyber-Contested Environment National Cyber Summit 2019 Lightning Round Presentation Jeremy B. Blevins, CISSP, CEH Cybersecurity

The Cyber-Pandemic - Panda Security€¦ · many cyber-criminals who have discovered in healthcare the mother-lode of vulnerable industries. The healthcare sector is focused on other

Weisbrod Seidenweberei

ECSO Healthcare Sector Report - ECSO - European Cyber Security … › documents › publications › 5ad7266dc1cba.… · Cyber security for the healthcare sector WG3 I Sectoral

Cyber Threat Landscape: The Healthcare Industry

Advanced cyber-threats need advanced solutions - Fujitsu 17 session 1 - advanced cyber... · Healthcare Home healthcare and hospital ... (i.e. Facebook, Twitter) ... security stays

Cyber Attacks Hit Healthcare - cdn2.esetstatic.com€¦ · Cyber Attacks Hit Healthcare Healthcare Is Under Continuous Attack The healthcare industry is under pressure to advance

Introducing Cyber InFocus. Keeping you one step ahead of ...Healthcare Industry The number of Chubb healthcare cyber-related incidents grew 13 percentage points over the last two years

CIO BAROMETER — HEALTHCARE - Cyber Thoughtspubs.cyberthoughts.org/GBS-WHITEPAPER-HEALTHCARE_AND... · 2014-01-20 · CIO BAROMETER—HEALTHCARE AND CYBERSECURITY: THE PRESSURE’S

GLOBAL CYBER SECURITY IN HEALTHCARE PHARMA SUMMIT · Cyber Security in Healthcare & Pharma Summit The number of cyber-attacks in healthcare is on the rise, and the industry must do

Why cyber-criminals target Healthcare - Panda Security

Cyber Security for Healthcare Exchange Post-Event Report

Dr terbush brief to ucdper cyber terrorism and healthcare

Cyber Hacking in Healthcare & The Best Practices for Securing ePHI in 2015

HEALTHCARE CYBER RISKS AND PRIVACY BREACHES Emergent Problem or Chronic Condition?

Ontology-enabled Healthcare Applications exploiting Physical-Cyber-Social Big Data

Cyber Risk for Healthcare Industry - Aon - Risk - … Risk for Healthcare Industry ... Major healthcare data breaches in USA during the ... Healthcare companies/organizations violating

Cyber protection solutions for 21st century healthcare

RECORD OF PROCEEDINGS - Colorado · Matt Weisbrod Sean Mello Alan Lambert Paige Haderlie Addy Marantino Fund 7306-5 Trustees Present: Kyle Costanzo Levy Burris Matt Weisbrod John

Healthcare Cyber Security and Compliance Guide

Healthcare cyber powerpoint

M&A Cyber Security in the Healthcare Sector · 2019-09-13 · Healthcare Cyber Security What Criminals Want Medical data Personal data User credentials The healthcare industry walks

Healthcare Cyber-Physical System (H-CPS)

Understanding and Mitigating Cyber Attack Risks in …az370354.vo.msecnd.net/whitepapers/HIMSS_Understanding...Understanding and Mitigating Cyber Attack Risks in Healthcare + destructive

Welcome to Chemistry 20 WITH Miss Weisbrod

December 11, 2015 Carl Weisbrod, Chair City Planning ......Dec 11, 2015  · December 11, 2015 Carl Weisbrod, Chair ... 2015 and November 17, 2015, and all relevant ... In addition,

Cyber Healthcare Snapshot

Cyber Threat Trends in Healthcare › assets › doc › Cyber Threat Trends in H… · Cyber Kill Chain by Lockheed Martin. Lesson Learnt •Cyber Attack starts with anybody in the

Cyber Healthcare Snapshot - Worldwide Facilities, LLC · Cyber Healthcare Snapshot VOLUME 4, OCTOBER 2017 CA Lic. #0414108 OVER HALF OF PEOPLE USE GOOGLE TO SELF-DIAGNOSE ILLNESS,

Cyber Risk in Healthcare - Association of Ontario Health ... · PARTNERING TO CREATE THE SAFEST HEALTHCARE SYSTEM Cyber Risk in Healthcare ... Senior Healthcare Risk Management

Cyber Risk Management - Homepage | Healthcare Insurance ... · Cyber Risk Management: A Guide for Healthcare Administrators and Risk Managers. Cyber security incidents in the healthcare

Certificate Course in Cyber Security in Healthcare