Employees of Hollywood Presbyterian Medical Center received a nasty surprise on February 5 when they discovered that a hacker had infiltrated the network and taken the computer systems hostage using ransomware. In exchange for the decryption key, the hacker demanded 40 bitcoins, which is approximately $17,000. In the interest of restoring the network quickly, the CEO decided to pay the ransom.
The hospital reported that patient care wasn’t compromised, but the incident is yet another example of the sobering prevalence and potential impact of cybersecurity threats.
While some organizations are greater targets for security breaches because of the type of data they handle and its value on the black market (healthcare and financial organizations are prime targets), no business is impervious to cybersecurity threats. Here are five of the most important things you can do to prevent or minimize the impact of a cybersecurity breach on your company.
Protect the Perimeter
The most effective way to prevent the spread of malware is to thwart it before it penetrates the network. This might seem obvious, but even big firms lack adequate security protection. Make sure your business uses perimeter anti-virus that filters out viruses at the network edge and complements the anti-virus services running on individual PCs.
Sometimes, though, even if a business is using anti-virus software, malware breaches the perimeter and resides in the network unnoticed. That’s what happened in the infamous Anthem breach — the hack is estimated to have started as early as April 2014, but it wasn’t discovered until January 2015. To prevent an ongoing breach, implement intrusion prevention services that inspect, quarantine and log any suspicious activity.
Beware of Outdated Software
In a recent survey, Cisco technicians analyzed 115,000 of the company's devices installed in customer environments, viewing them as they would be seen from the Internet. They discovered that 92 percent of the devices examined were running software with known vulnerabilities, 26 on average. They also found that some customers in the financial, healthcare and retail sectors were running outdated software.
Because software updates usually include patches for newly discovered vulnerabilities, running earlier versions of the software could leave your network susceptible to a security breach. Be sure to install updates as soon as they’re available.
As one senior managing consultant for an e-discovery firm points out, just because a hacker is successful at breaching your network perimeter doesn’t necessarily mean your critical or sensitive data has been compromised.
For that to hold, however, your sensitive data needs to be encrypted. You should also maintain full backups of your IT environment. Backups are crucial if your network is taken hostage by ransomware, as Hollywood Presbyterian Medical Center’s was. In this scenario, you can avoid paying the ransom by restoring your network from a backup. As a caveat, this strategy won’t work if your backups have also been infected by malware, which is another reason having intrusion detection services is important.
Human error is the root cause of about 52 percent of security breaches. When it comes to cybersecurity specifically, phishing is a major culprit. Most computer-literate people are aware that they shouldn’t click links in suspicious emails or enter information on web pages that appear untrustworthy, but hackers are becoming more sophisticated in their methods, and it’s becoming harder for people to spot phishing attempts.
Whaling is especially notorious for scamming employees. In this phishing method, highly customized emails containing the target’s name, job title or other information are sent to a high-profile recipient (usually a C-level executive) from a source that mimics a person or entity the recipient is familiar with.
To help your employees avoid making a critical error or being duped by hackers, educate them on handling sensitive data with care and on how to identify phishing emails. Also, give them a clearly outlined process for reporting any suspicious emails.
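The sender mimicry that whaling relies on also shows up in message headers, where a mail filter can flag it before an employee has to judge the email. The Python below is an added example, not part of the original article; the company domain, executive names, signal labels and sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"                  # assumed company mail domain
EXECUTIVES = {"dana whitfield", "omar reyes"}   # constructed executive names

# Constructed sample messages (not real traffic).
SPOOFED = ("From: Dana Whitfield <dana.whitfield@examp1e.com>\n"
           "Reply-To: dana.w@mail-relay.test\n"
           "To: cfo@example.com\nSubject: Urgent wire transfer\n\nHandle today.\n")
INTERNAL = ("From: Dana Whitfield <dana.whitfield@example.com>\n"
            "To: cfo@example.com\nSubject: Q3 review\n\nAgenda attached.\n")
VENDOR = ("From: Billing <billing@vendor.test>\n"
          "To: cfo@example.com\nSubject: Invoice\n\nSee attachment.\n")

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss sender domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(header_value):
    """Lower-cased domain of the address in a From/Reply-To header, or ''."""
    _, addr = parseaddr(header_value)
    return addr.rpartition("@")[2].lower()

def whaling_signals(raw_message):
    """Return header-based impersonation signals for one raw message."""
    msg = message_from_string(raw_message)
    display_name, _ = parseaddr(msg.get("From", ""))
    sender = domain_of(msg.get("From", ""))
    reply_to = domain_of(msg.get("Reply-To", ""))
    signals = []
    if sender != COMPANY_DOMAIN:
        # An executive's name on a message that did not come from our domain.
        if display_name.strip().lower() in EXECUTIVES:
            signals.append("executive-name-external-sender")
        # A domain one or two characters away from ours (e.g. l -> 1).
        if 0 < edit_distance(sender, COMPANY_DOMAIN) <= 2:
            signals.append("lookalike-domain")
    # Replies silently routed to a different domain than the visible sender.
    if reply_to and reply_to != sender:
        signals.append("reply-to-mismatch")
    return signals
```

Signals like these are best used to banner or quarantine a message for review rather than to drop it outright, since legitimate external mail can trip a single check.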
Give Employees a Secure Way to Work Remotely
It’s rare nowadays for a company not to have some employees who work remotely at least part of the time. However, if those employees connect to public Wi-Fi networks to do their jobs without taking the proper precautions, they’re putting your company data at risk.
Ideally, your employees should have the ability to access your network through a company virtual private network (VPN), which encrypts traffic between the employee’s device and the business’s network.
These recommendations are only scratching the surface of a thorough, effective cybersecurity plan. For more tips, review the Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool, which the FFIEC released last year as an appendix to its IT Examination Handbook.