Preparing Healthcare for Ransomware Attacks: A 12-Step Approach by Dr. Eric Liederman

Dr. Eric Liederman, CEO of CyberSolutionsMD, emphasizes that healthcare organizations must be prepared for ransomware attacks with a structured approach, describing it as akin to a “12-step program.” He highlights that relying solely on protective measures is insufficient since all protections have the potential to fail. Instead, planning and creating a sense of urgency is key to successfully handling a cyberattack.

According to Liederman, organizations should anticipate losing access to critical systems and have a strategic recovery plan in place.

One of the most important components of such a plan is designating roles and responsibilities for the organization’s response. During an attack, the Chief Information Security Officer (CISO) essentially takes on the role of CEO, dictating the course of action for the entire organization. Liederman says the CISO must tell people which systems are still usable and what must be shut down.

The CEO, in this situation, plays a supporting role, asking what’s possible and what needs to be done to protect operations.

A significant misconception Liederman has observed is the assumption that analog systems like phones and fax machines will continue functioning during a ransomware attack. Often, these systems rely on the same infrastructure as other compromised technology. For example, phone systems that seem analog still resolve to an IP address, which means they could be rendered useless along with other internet-based systems.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents