Healthcare IT Today: Ransomware Preparedness in Healthcare – Are you Doing the Basics?
On March 14, an article on ransomware preparedness in healthcare by NetSPI Managing Director Chad Peterson was featured in Healthcare IT Today. Read a preview below or view it online.
+++
As ransomware attacks become more sophisticated, healthcare organizations have become desirable targets due to the valuable data shared across medical records and the constant need for service availability. In fact, a recent JAMA Health Forum report indicates that from 2016 to 2021, the annual number of ransomware attacks on the healthcare sector more than doubled.
With the rise in these attacks, healthcare organizations must have an in-depth understanding of their security posture, including how breaches may occur and how to take an offensive approach to defend against them. As such, IT administrators must ensure they are addressing basic security needs. They can achieve this by taking the following three foundational steps.
Implement Standard Security Protocols
The first step for IT leaders to ensure ransomware preparedness is to implement security protocols that help prevent attacks before they occur. This includes checking for vulnerabilities and misconfigurations through vulnerability scanning and continuously patching systems when weaknesses are identified. Penetration testing should also be routinely conducted to proactively identify and verify exploitable vulnerabilities in IT systems. Continuous pentesting, which often takes the form of attack surface management, helps identify and protect assets exposed externally.
Awareness of an organization’s potential entry points is especially critical with the increased usage of connected medical devices and telehealth services. Furthermore, the transition to electronic health records (EHRs) has reinforced the need for tightened identity and access management processes. IT administrators should consistently remove user accounts that are no longer needed, implement multi-factor authentication (MFA), and utilize methods of least privilege or role-based access to ensure only appropriate users can access patient data.
Continue reading at Healthcare IT Today for more foundational steps to address ransomware attacks including, how to prepare for a breach and best practices for creating a security awareness program.
Explore More News
VM Blog: Five Security Shifts that Will Define 2026
Joe Evangelisto outlines several critical shifts demanding executive attention. As organizations move from open AI experimentation to governed application, leaders must implement safeguards to manage data exposure and ensure system integrity.
DataCenter Knowledge: Defending at Scale – The Importance of People in Data Center Security
As the demand for AI, cloud computing, and digital infrastructure drives rapid data center expansion, the importance of robust security measures has never been greater. In a recent conversation, Dalin highlights why human factors remain central to effective data center security, even in an era of advanced technology.
Security Week: Exploring AI-Assisted Social Engineering Attacks to Help Prepare Leaders for What Lies Ahead in 2026
SecurityWeek interviewed NetSPI’s Director of Social Engineering, Patrick Sayler, for Cyber Insights 2026 exploring AI-assisted social engineering attacks to help prepare leaders for what lies ahead in 2026.