What Healthcare Leaders Need to Do Now About Ransomware

If ransomware is not a topic of conversation around any healthcare organization’s boardroom table, directors and senior executives may be exposing the organization (and themselves) to considerable risk. Here’s a guide to ransomware trends for 2022 and steps healthcare leaders can take to help protect their organizations. The risk of a ransomware attack in 2022 is substantial, with gangs specializing in targeting the healthcare sector. Ransomware attacks are on the rise against business associates that, in turn, affect healthcare organizations. Mitigating ransomware risk In reality, adequately funded and effectively run IT security operations mitigate the risk of ransomware attacks and data breaches. Healthcare leaders don’t have to become cybersecurity expert to gain a core understanding of an organization’s security posture and level of ransomware risk. Find out if the responsible parties are taking both strategic and tactical approaches to layered security and if standards from bodies such as the International Standards Organization (ISO) and the National Institute of Standards and Technology (NIST) are being met as well as rules and regulations affecting your operations, such as HIPAA for data privacy and PCI DSS for credit card payments. 3. Does your organization have detection and response capabilities to rapidly shut down ransomware, data breaches, and other cyber threats? Employee anti-phishing training and simulated phishing tests are an increasingly important security layer that any healthcare organization should have in place. Act now to understand your organization’s ransomware risk Addressing these critical questions with IT leadership could very well protect an organization from paying up in the long run and exposing patients’ personal and health information to theft. To properly secure the sensitive and valuable information entrusted to any organization, healthcare leaders must identify any weak points. For a deeper dive into what ransomware protection requires, consult these mitigation guidelines from the multi-national Cybersecurity & Infrastructure Security Agency.