By Bryan Aten
In 2019, IBM commissioned a study on the costs of data breaches. It found that no sector of the global economy suffered worse from data breaches than healthcare, followed closely by the financial services industry. The cost of a breach for financial services companies in 2019 was nearly $6 million.
Those numbers have only ticked up in the ensuing years. IBM’s 2022 update reported that the average breach of a U.S. company now costs nearly $9.5 million. The leading causes of data breaches are, by far, hacking and malware, and attackers’ most devastatingly effective tool for extracting data and money from their victims is the dual threat of phishing and ransomware.
Growing Ransomware Risks for Sensitive Industries
Unsuspecting users are routinely duped by malicious hackers, who often operate out of large and well-organized cybercrime networks.
Attackers send electronic communications that appear to come from legitimate sources but are actually elaborate traps that steal the recipients’ credentials and use them to access sensitive networks. Once inside, the intruder can exfiltrate information and plant ransomware that locks down all data unless a ransom is paid (and often even then).
Further complicating things, the rise in remote work in the post-pandemic era and the growing number of new endpoints that serve remote workforces have drastically increased the attack surface of healthcare and finance organizations that were already experiencing an uptick in breach attempts.
Knowing the dangers is the first step towards avoiding them. Here are the most important countermeasures that every healthcare and finance organization needs to prioritize:
Map All Digital Assets
You can’t protect what you can’t see. All networks, systems, and devices under the organization’s management need to be routinely scanned for changes.
Not all data is of equal value to cybercriminals. They preferentially target personally identifiable information (PII) and repositories of sensitive business data. That means those datasets need the extra protection of network segmentation, which keeps them separate from more mundane, lower-risk data.
Multifactor authentication (MFA) requires users to combine multiple credentials to gain access to a secure network. That might be a password plus a physical security token, a biometric marker such as a fingerprint or face scan, or a temporary passcode delivered by email or text message.
Train for Cybersecurity Awareness
Simulated phishing attacks, security webinars, and other informative interventions help teach team members security best practices (like never clicking suspicious links), the importance of complying with data protection laws, and how to spot common attacks.
Rely on the Principle of Least Privilege
Keep the number of users with broad authority as low as possible. Give users access only to the networks and services they need, and none they don’t.
Instill a Security-first Culture
Comprehensive security requires more than tools and expertise. It takes the combined diligence of an entire organization. Hackers need only one weak link to gain access, which is why awareness and buy-in from the top down regarding the seriousness of implementing security measures is so important.
Offer VPN Access
A virtual private network (VPN) is a secure means for remote teams to connect with the home office when full end-to-end encryption is not otherwise available to them.
Scan For Vulnerabilities
Virtually every major digital tool today gets regular software updates. Many of those updates exist specifically to close newly discovered security vulnerabilities. Failing to check at least daily for new updates and patches is one of the most avoidable and inexcusable risk factors.
Penetration testing (pentesting), also known as ethical hacking, involves simulated cyberattacks that are intended to expose gaps in an organization’s defensive perimeter.
Even the most secure networks in the world aren’t impenetrable, and sooner or later most organizations will fall prey to a cybercriminal. Knowing that makes it all the more urgent that organizations keep redundant backups (including at least one copy offsite) that are secure and accessible 24/7. And, just as importantly, they must have tested disaster recovery plans in place to respond rapidly to any event.
Plan for Incident Response
The middle of an emergency is the wrong time to wonder who is in charge and what steps to take. An exhaustive incident response plan is necessary to avoid confusion and delay in mitigating damage. The Cybersecurity and Infrastructure Security Agency (CISA), an agency of the Department of Homeland Security, hosts some helpful guides on its website outlining what a smart plan might look like.
The Most Targeted Industries Need More Protection
There’s a simple reason why healthcare and finance firms are so attractive to cybercriminals: they are richer in sensitive and valuable data (e.g., Social Security numbers, bank account numbers, contact information, medical records) than many other industries. The giants of ecommerce pride themselves on knowing many intimate details about their customers and users, but knowing someone’s shoe size or color preferences isn’t as sensitive as knowing their private health history or how they are investing for their retirement.
Both healthcare and finance have also invested aggressively in new mobile and cloud-based apps and services that are now crucial to optimizing their user experience but which increase their exposure to cyberattacks. Moreover, cybercriminals are well aware that a great many of these organizations are failing to adequately guard against their attacks. A 2021 Verizon study revealed that the success rate for cyberattacks on the healthcare industry is 67%.
What’s clear is that every business today, but especially those in industries under constant attack, needs to do a much better job at cybersecurity. Fortunately, with the right guidance and technologies, they can.
Razor Technology is your trusted IT managed service provider. Save time and money on your IT and cloud services by calling Razor Tech today.