On March 14, an article on ransomware preparedness in healthcare by NetSPI Managing Director Chad Peterson was featured in Healthcare IT Today. Read a preview below or view it online.


As ransomware attacks become more sophisticated, healthcare organizations have become desirable targets due to the valuable data shared across medical records and the constant need for service availability. In fact, a recent JAMA Health Forum report indicates that from 2016 to 2021, the annual number of ransomware attacks on the healthcare sector more than doubled. 

With the rise in these attacks, healthcare organizations must have an in-depth understanding of their security posture, including how breaches may occur and how to take an offensive approach to defend against them. As such, IT administrators must ensure they are addressing basic security needs. They can achieve this by taking the following three foundational steps.

Implement Standard Security Protocols

The first step for IT leaders to ensure ransomware preparedness is to implement security protocols that help prevent attacks before they occur. This includes checking for vulnerabilities and misconfigurations through vulnerability scanning and continuously patching systems when weaknesses are identified. Penetration testing should also be routinely conducted to proactively identify and verify exploitable vulnerabilities in IT systems. Continuous pentesting, which often takes the form of attack surface management, helps identify and protect assets exposed externally.

Awareness of an organization’s potential entry points is especially critical with the increased usage of connected medical devices and telehealth services. Furthermore, the transition to electronic health records (EHRs) has reinforced the need for tightened identity and access management processes. IT administrators should consistently remove user accounts that are no longer needed, implement multi-factor authentication (MFA), and apply least privilege or role-based access so that only appropriate users can access patient data.

Continue reading at Healthcare IT Today for more foundational steps to address ransomware attacks, including how to prepare for a breach and best practices for creating a security awareness program.