The healthcare industry needs to accept that it is on them to anticipate these threats, and to adequately prepare for them.
1. Employ Stronger Authentication
We recommend using multi-factor authentication, or even token-based authentication. This is particularly important for reducing vulnerabilities that exist with remote access.
2. Utilize Better Encryption
While stronger encryption is an important way to safeguard data, it’s only effective when paired with careful key management. The devil is in the details and the execution of stringent key management is necessary or the encryption becomes useless.
3. Improve Anti-Phishing Controls
Companies need to do a better job of training employees how to spot phishing attempts. This is the easiest entry point for thieves. It is well worth the time to implement training programs. The most effective method utilizes programs that are set up internally to mimic phishing attacks. This has been shown to be very effective at raising awareness of how to spot phishing attacks and train employees on how to avoid them.
4. Enact Network Segmentation
This is another method companies can use to silo more sensitive data behind more stringent security controls in conjunction with multi-factor authentication.
5. Add Monitoring Systems
By implementing monitoring systems you are able to more quickly detect and respond to attacks. Faster MTTD (Mean Time to Detect) translates into faster MTTR (Mean Time to Respond) and allows you to isolate and minimize the damage.