Protecting ePHI: Log Monitoring & HIPAA | ControlScan

Early Detection is Key: Log Monitoring's Role Under HIPAA PRESENTATION PREVIEW

Upload: controlscan-inc

Post on 16-Apr-2017


Category: Healthcare



TRANSCRIPT

Page 1: Protecting ePHI: Log Monitoring & HIPAA | ControlScan

Early Detection is Key: Log Monitoring's Role Under HIPAA

PRESENTATION PREVIEW

Page 2:

A Perfect Storm is Brewing in Healthcare

• Steve Robb, SVP, Security Marketing & Products, ControlScan

• Harrison Midkiff, Sales Engineer, LogRhythm

• Marc Punzirudu, Manager, Security Consulting Services, ControlScan

Page 3:

COMPANY CONFIDENTIAL

The Growing Cyber Threat to Healthcare

Page 4:

The Modern Cyber Threat Pandemic

WELL-ESTABLISHED CYBER-CRIME ECONOMY

• $7 to $8: Cloud Accounts

• $50 per Healthcare Record

• $0.50 to $20: Credit Card Number, E-mail Accounts (per 1000)

• Up to $3,500: Custom Malware

• Up to $1,000 / day: DDoS Attack

MOTIVATED AND WELL-FUNDED THREAT ACTORS

• Terrorists

• Nation States

• Malicious Insiders

• Hacktivists

• Organized Crime

CREATIVE AND SOPHISTICATED ATTACKS

• Zero-Day Exploits

• Custom Malware

• Social Engineering

• Physical Compromise

• Spear-Phishing

EXPANDING ATTACK SURFACE

• Endpoint

• Network

• Cloud and SaaS

• Mobile Devices

• Users

• IoT

DDoS

MODERN THREAT LANDSCAPE

Source: Symantec, Underground black market: Thriving trade in stolen data, malware, and attack services, December 10, 2014; Medscape, Stolen EHR Charts Sell for $50 Each on Black Market, April 28, 2014

Page 5:

The Healthcare Industry is Not Immune!

Early breaches tied to carelessness and petty theft…

…and ransom demands

• $17,000 ransom

• Mac McMillan, CEO - "It's easy to stand on principle when you are not the one looking down the barrel of the ransom demand."

Hollywood Presbyterian Medical Center

Latest breaches organized around data harvesting…

• As many as 4.5 million patient records

• Could have started as early as September 2014

UCLA Medical Center

Page 6:


Establishing a Security Strategy

Page 7:

Log Monitoring Within the Healthcare Industry

LogRhythm Security Intelligence Platform

[Diagram labels: Nurse Station, Radiology, Pharmacy, Oncology, EHR, Biomed Device]

Page 8:

5 Arguments for Security as a Service

Eyes on Security

• Continuous monitoring

• Shared insight

• Rapid response

Solution Evolution

• Scalable with business

• Adaptable to threats

• Growth in capability

Best Practices, Proven Processes

• Predictable deployments

• Dependable operations

• Consistent SLAs

Access to Experts

• On-demand security talent

• Integrated compliance knowledge

• Leveraged experience

Financial Flex

• Minimal up-front investment

• Reduced hiring/retention costs

• Fractional SOC costs