“CISOs need to look at any connected asset as a potential target,” the report states. “This includes electronic medical-record systems, medical devices, payment processing systems, and more.”
Increased visibility into endpoints such as these can provide organizations with actionable insights while also helping them to prevent threats.
Perform Regular System Audits and Vulnerability Assessments
Among surveyed healthcare organizations, 66 percent believe that cyberattacks have grown more sophisticated over the past year.
The report examines multiple types of sophisticated intrusions, from fileless attacks and destructive attacks to island hopping, which allows an attacker to set up command posts across a network, rendering it ineffective.
The report states that 33 percent of surveyed healthcare organizations say they’ve encountered instances of island hopping on their enterprise networks over the past year.
One way to counter attacks such as these is by conducting frequent threat hunting.
“With the risk of island hopping ever-present, you should be auditing systems regularly and establishing remediation steps across all your security infrastructure,” notes the report.
Back Up Your Data to Ensure Its Not at Risk
Even after taking all the necessary steps to prepare for a cyberattack, an organization still might have to face the unthinkable.
Consider the current landscape: Of the organizations surveyed for the report, 83 percent say they witnessed an increase in cyberattacks in the past year; 66 percent say that they were targeted by a ransomware attack in the past year; and nearly half say they witnessed attacks where destruction of data was the primary motivation.
That’s why healthcare organizations must take a pre-emptive approach with their data and prepare for the worst.
“Destructive attacks, including ransomware, don’t need to destroy your business,” the report states. “Employ best practices for data backup to ensure your data is never at risk.”