PHI data is valuable on the black market because it is very personal static data which allows hackers to easily steal someone’s identity.

With many data breaches, the assumption is often that the intention is merely to sell that information on the black market to identity thieves. However, with some intelligence agencies speculating that the Chinese government could be funding these groups, the end game could be much more serious. The data stolen could be used with social engineering with the goal of infiltrating US Government agencies and technology firms.

Security professionals should consider these types of attacks are imminent and not the exception.

How do healthcare companies prepare for data breaches?

The healthcare industry needs to accept that it is on them to anticipate these threats, and to adequately prepare for them.

1. Employ Stronger Authentication

We recommend using multi-factor authentication, or even token-based authentication. This is particularly important for reducing vulnerabilities that exist with remote access.

2. Utilize Better Encryption

While stronger encryption is an important way to safeguard data, it’s only effective when paired with careful key management. The devil is in the details and the execution of stringent key management is necessary or the encryption becomes useless.

3. Improve Anti-Phishing Controls

Companies need to do a better job of training employees how to spot phishing attempts. This is the easiest entry point for thieves. It is well worth the time to implement training programs. The most effective method utilizes programs that are set up internally to mimic phishing attacks. This has been shown to be very effective at raising awareness of how to spot phishing attacks and train employees on how to avoid them.

4. Enact Network Segmentation

This is another method companies can use to silo more sensitive data behind more stringent security controls in conjunction with multi-factor authentication.

5. Add Monitoring Systems

By implementing monitoring systems you are able to more quickly detect and respond to attacks. Faster MTTD (Mean Time to Detect) translates into faster MTTR (Mean Time to Respond) and allows you to isolate and minimize the damage.