{"id":35608,"date":"2024-05-30T18:40:48","date_gmt":"2024-05-30T18:40:48","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=35608"},"modified":"2024-06-21T14:09:35","modified_gmt":"2024-06-21T14:09:35","slug":"cybersecurity-lessons-from-security-breaches-in-healthcare","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/","title":{"rendered":"Cybersecurity Management Lessons from Healthcare Woes"},"content":{"rendered":"\n<p>Ransomware attacks and data breaches make headlines when they shut down huge connected healthcare providers such as Ascension Healthcare or Change Healthcare. Examining the available details of these breaches will help you learn key lessons from their pain to avoid suffering the same humiliating and expensive situations.<\/p>\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68_1 ez-toc-wrap-left counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-66d6e40ae95c5\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"ez-toc-cssicon\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-66d6e40ae95c5\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#Recent-Healthcare-Attacks-Breaches\" title=\"Recent Healthcare Attacks &amp; Breaches\">Recent Healthcare Attacks &amp; Breaches<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#5-Key-Cybersecurity-Management-Lessons-to-Learn\" title=\"5 Key Cybersecurity Management Lessons to Learn\">5 Key Cybersecurity Management Lessons to Learn<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#Bottom-Line-Learn-Healthcares-Lessons-Before-Suffering-Pain\" title=\"Bottom Line: Learn Healthcare\u2019s Lessons Before Suffering Pain\">Bottom Line: Learn Healthcare\u2019s Lessons Before Suffering Pain<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Recent-Healthcare-Attacks-Breaches\"><\/span>Recent Healthcare Attacks &amp; Breaches<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Large breaches affected over <a href=\"https:\/\/www.hhs.gov\/about\/news\/2023\/10\/31\/hhs-office-civil-rights-settles-ransomware-cyber-attack-investigation.html\" target=\"_blank\" rel=\"noreferrer noopener\">88 million individuals in the USA in 2023, a 60% increase from 2022<\/a>. 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Ascension Healthcare Ransomware Shutdown<\/h3>\n\n\n\n<p>Unusual activity detected on May 8, 2024, <a href=\"https:\/\/about.ascension.org\/cybersecurity-event\" target=\"_blank\" rel=\"noreferrer noopener\">caused Ascension healthcare to shut down<\/a> affected systems, notify authorities, and engage cybersecurity professionals. The attack caused major disruptions throughout the non-profit healthcare provider that operates 140 hospitals and 40 senior care facilities in 19 states plus the District of Columbia. Unfortunately, the disruptions remain unresolved in many places significantly affecting patient welfare.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Known Disruption &amp; Damages<\/h4>\n\n\n\n<p>Ascension Healthcare continues to publicly disclose initial disruptions, including:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Disrupted operations:<\/strong> Cited issues include diverted ambulances for emergency services, inoperative phone systems, and disrupted clinical operations.<\/li>\n\n\n\n<li><strong>Unavailable health records:<\/strong> All electronic patient information became unavailable, including the MyChart patient self-service database, hospital records, and the systems used to order tests, procedures, and medications.<\/li>\n\n\n\n<li><strong>Canceled treatments:<\/strong> The network paused all elective procedures for the first week and delayed providing the results of many completed medical tests.<\/li>\n<\/ul>\n\n\n\n<p>The <a href=\"https:\/\/www.freep.com\/story\/news\/health\/2024\/05\/21\/ascension-hospital-hack-ransomware-cyber-attack\/73776557007\/\" target=\"_blank\" rel=\"noreferrer noopener\">Detroit free press interviewed stressed employees<\/a> who complained of \u201cwaiting four hours for head CT (scan) results on somebody having a stroke or brain bleed.\u201d Others complained that multiple patients received the same temporary medical records, so there\u2019s no confidence that blood test results will match the correct patients.<\/p>\n\n\n\n<p><a href=\"https:\/\/edition.cnn.com\/2024\/05\/10\/tech\/cyberattack-ascension-ambulances-hospitals\/index.html\" target=\"_blank\" rel=\"noreferrer noopener\">CNN reported<\/a> the Black Basta ransomware gang performed the attack, although the company hasn\u2019t officially confirmed the information. As of the last official confirmation on May 21, many facilities still operate using paper, many pharmacies remained closed and unable to supply medicine, and talks with vendors and partners to <a href=\"https:\/\/www.beckershospitalreview.com\/cybersecurity\/ascension-kicks-off-cyberattack-restoration-meetings.html\" target=\"_blank\" rel=\"noreferrer noopener\">reconnect systems just started<\/a>.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Exposed Technical Issues &amp; Other Consequences<\/h4>\n\n\n\n<p>No clear information on the specific entry or the specific systems infected, so we can\u2019t speculate about the potential breach or cause. However, it\u2019s obvious that Ascension failed to restore systems quickly or accurately. This betrays a lack of preparation for <a href=\"https:\/\/www.esecurityplanet.com\/products\/disaster-recovery-solutions\/\">disaster recovery<\/a> and ineffective <a href=\"https:\/\/www.esecurityplanet.com\/networks\/types-of-penetration-testing\/\">penetration testing<\/a> of systems.<\/p>\n\n\n\n<p>Ascension might try to blame financial troubles for lack of preparation. Ascension <a href=\"https:\/\/about.ascension.org\/news\/2023\/09\/ascension-releases-fy23-financial-results\" target=\"_blank\" rel=\"noreferrer noopener\">lost $2.66 billion<\/a> on <a href=\"https:\/\/www.fiercehealthcare.com\/providers\/ascension-improves-recurring-operations-1b-fy24s-9-month-mark#:~:text=It%20employs%20about%20132%2C000%20people,year%20ended%20June%2030%2C%202023.\" target=\"_blank\" rel=\"noreferrer noopener\">$28 billion in revenue<\/a> in 2023, and cost cutting efforts narrowed the loss to $237.8 million for the first three quarters of FY 2024. However, this attack also comes three years after Ascension <a href=\"https:\/\/www.youtube.com\/watch?v=FWBfNECTmYk\" target=\"_blank\" rel=\"noreferrer noopener\">fired hundreds of local IT staff<\/a> in a cost-cutting effort to outsource IT services to India.<\/p>\n\n\n\n<p>Outsourcing alone doesn\u2019t cause problems, but perhaps the Ascension\u2019s management needs to make IT a larger priority. For the most recent year available, Ascension\u2019s <a href=\"https:\/\/projects.propublica.org\/nonprofits\/display_990\/311662309\/download990pdf_07_2022_prefixes_27-39%2F311662309_202106_990_2022071820229716\" target=\"_blank\" rel=\"noreferrer noopener\">2021 Form 990<\/a> shows:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>$13 million in CEO compensation for Joseph Impicciche<\/li>\n\n\n\n<li>$22 million in executive compensation for the next 8 highest paid executives<\/li>\n\n\n\n<li>$6.4 million in information technology expenses<\/li>\n\n\n\n<li>$1.3 million in consulting fees potentially for IT including $987k earned by World Wide Technology, a St.Louis IT services provider, and $306k for Accenture.<\/li>\n<\/ul>\n\n\n\n<p>IT should never be the top expense for a healthcare organization. Still, after massive disruption and impact on patient welfare, it\u2019s very difficult for Ascension to justify why the CEO earns roughly twice as much compensation as the organization\u2019s investment in IT and the top 9 executives earn almost 580% of the IT spend at a non-profit organization.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Change Healthcare Ransomware<\/h3>\n\n\n\n<p>The United Healthcare Group (UHG) acquisition of Change Healthcare in 2022 started paying the wrong type of dividends this February when stolen credentials led to over $870 million in damages. The costs, affected patients, and consequences continue to be tallied.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Known Disruption &amp; Damages<\/h4>\n\n\n\n<p>Ransomware attackers used stolen credentials to access a Change Healthcare Citrix portal setup without any multi-factor authentication (MFA) protection. Within nine days, the attackers <a href=\"https:\/\/www.unitedhealthgroup.com\/newsroom\/2024\/2024-04-22-uhg-updates-on-change-healthcare-cyberattack.html\" target=\"_blank\" rel=\"noreferrer noopener\">navigated laterally through the network<\/a> and executed a ransomware attack that shut down Change Healthcare\u2019s processing and payment service that facilitates orders and payments for pharmacies, hospitals, and clinics nationwide.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.sec.gov\/Archives\/edgar\/data\/731766\/000073176624000146\/a2024q1exhibit991.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Disclosed damages<\/a> and costs include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>4TB of stolen data<\/li>\n\n\n\n<li>$22 million in paid ransom<\/li>\n\n\n\n<li>$593 million direct response costs<\/li>\n\n\n\n<li>$279 billion in business disruptions<\/li>\n\n\n\n<li>$1.6 billion in total potential damages by year-end<\/li>\n<\/ul>\n\n\n\n<p>Although the impact on Change Healthcare and UHG will be quantified for the US Security Exchange Commission (SEC), the impact on the US healthcare industry is more difficult to measure. CNN interviewed <a href=\"https:\/\/www.cnn.com\/2024\/03\/09\/tech\/medical-supply-chain-cybersecurity\/index.html\" target=\"_blank\" rel=\"noreferrer noopener\">small practitioners stranded without payments<\/a>, and UGH wound up providing $6.5 billion in advanced financing to thousands of providers by April.<\/p>\n\n\n\n<p>UGH admits to paying $22 million to the ALPHV (aka: BlackCat) ransomware-as-a-service (RaaS) group to prevent patient records from being leaked to the internet. Unfortunately, the ALPHV gang posted a faked law-enforcement take-down notice on their site and disappeared. The \u2018notchy\u2019 affiliate that executed the breach didn\u2019t receive their payment and took the data to a new RaaS gang known as RansomHub, which <a href=\"https:\/\/x.com\/DarkWebInformer\/status\/1777309715984244761\" target=\"_blank\" rel=\"noreferrer noopener\">began leaking patient data<\/a>.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Exposed Technical Issues &amp; Other Consequences<\/h4>\n\n\n\n<p>The initial information exposes the critical importance of using MFA to protect remote access systems and testing backup systems for disaster recovery. Companies should also use free tools available to them. Hudson Rock, a cybercrime intelligence tool vendor with free services, posted that <a href=\"https:\/\/www.linkedin.com\/feed\/update\/urn:li:activity:7191082984588943362\/\" target=\"_blank\" rel=\"noreferrer noopener\">they detected Citrix credentials<\/a> stolen from Change Healthcare using infostealers a day after the initial attack.<\/p>\n\n\n\n<p>UHG didn\u2019t do itself any favors with their communication strategy. In <a href=\"https:\/\/www.unitedhealthgroup.com\/content\/dam\/UHG\/PDF\/investors\/2023\/UNH-Q4-2023-Form-10-K.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">UHG\u2019s 10-K filing<\/a> with the SEC at the end of February, the CEO signed off on a statement that claimed \u201cas of the date of this report, we have not determined the incident is reasonably likely to materially impact our financial condition or results of operations.\u201d While this denies certainty, it also implies that UHG still hoped that they could avoid financial repercussions for a nationwide outage.<\/p>\n\n\n\n<p>Predictably, <a href=\"https:\/\/www.finance.senate.gov\/hearings\/hacking-americas-health-care-assessing-the-change-healthcare-cyber-attack-and-whats-next\" target=\"_blank\" rel=\"noreferrer noopener\">the US Congress soon called<\/a> upon Andrew Witty, <a href=\"https:\/\/www.fiercehealthcare.com\/payers\/unitedhealth-ceo-andrew-witty-was-2023s-highest-paid-payer-ceo-heres-what-his-peers-earned#:~:text=UnitedHealth%20Group%20CEO%20Andrew%20Witty%20has%20climbed%20to%20the%20top,includes%20a%20%241.5%20million%20salary.\" target=\"_blank\" rel=\"noreferrer noopener\">the top paid healthcare CEO<\/a> with a compensation of more than $23 million, to testify about healthcare breaches. Witty\u2019s testimony admits that the healthcare provider can\u2019t identify the exfiltrated data or affected patients. Senator Thom Tillis replied, \u201cshame on internal audit and external audit and your systems folks tasked with redundancy. They\u2019re not doing their job. And as a result we have a data breach.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Other Healthcare Ransomware Attacks<\/h3>\n\n\n\n<p>While the sheer scale and scope of the Ascension and Change ransomware attacks steal the headlines, many other healthcare providers also suffered attacks this year. Notable other events include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>London Drugs:<\/strong> Shut down all pharmacy locations in western Canada in response to a late April ransomware attack; nearly a month later, <a href=\"https:\/\/www.londondrugs.com\/pharmacy-reopening-details.html\" target=\"_blank\" rel=\"noreferrer noopener\">some stores still can\u2019t process prescriptions<\/a> although all stores now have reopened.<\/li>\n\n\n\n<li><strong>MediSecure:<\/strong> Took down the Australian prescription website after an incident <a href=\"https:\/\/www.theregister.com\/2024\/05\/17\/medisecure_ransomware_attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">originating from a third-party vendor<\/a> allowed a ransomware attack to strike the organization.<\/li>\n\n\n\n<li><strong>Group Health Cooperative of South Central Wisconsin:<\/strong> Experienced an attack that failed encryption but still <a href=\"https:\/\/ghcscw.com\/notice-of-data-privacy-event\/\" target=\"_blank\" rel=\"noreferrer noopener\">stole the data of 530,000 individuals<\/a>.<\/li>\n<\/ul>\n\n\n\n<p>These attacks don\u2019t offer many details to learn specific technical lessons, but they highlight that attackers pursue all sizes of organizations anywhere in the world.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Non-Ransomware Breaches<\/h3>\n\n\n\n<p>Given all the noise about ransomware, it can be easy to forget that there are other attacks and causes of breaches. While the damage might be reduced, the public embarrassment and fines will still cause reputation damage and potential business losses.<\/p>\n\n\n\n<p>Notable alternative sources disclosed this year include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Email account compromise:<\/strong> The Los Angeles County Department of Health Services disclosed the <a href=\"https:\/\/www.documentcloud.org\/documents\/24608719-la-county-department-of-health-services-data-breach-notification-letter\" target=\"_blank\" rel=\"noreferrer noopener\">data breach letter<\/a> to individuals affected by a phishing attack that stole credentials and gained access to 23 employee email mailboxes.<\/li>\n\n\n\n<li><strong>Online trackers:<\/strong> Kaiser Permanente <a href=\"https:\/\/ocrportal.hhs.gov\/ocr\/breach\/breach_report.jsf\" target=\"_blank\" rel=\"noreferrer noopener\">disclosed a HIPAA breach<\/a> of 1.34 million patient\u2019s information caused by a third party tracker installed on the Kaiser patient portal.<\/li>\n\n\n\n<li><strong>Social engineering:<\/strong> The US Office of Information Security <a href=\"https:\/\/www.hhs.gov\/sites\/default\/files\/help-desk-social-engineering-sector-alert-tlpclear.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">issued a sector alert<\/a> to warn of threat actors using social engineering tactics on the IT help desks for healthcare and public health providers to gain access to systems and hijack payments.<\/li>\n<\/ul>\n\n\n\n<p>Note that only two of these breaches stem from external attacks. Kaiser Permanente intentionally added the third-party tracker that caused the data breach without understanding its full consequences and capabilities.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"5-Key-Cybersecurity-Management-Lessons-to-Learn\"><\/span>5 Key Cybersecurity Management Lessons to Learn<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>You can\u2019t just hope to avoid cyberattacks or other disasters, you have to expect that something bad will happen. Learn lessons from the misery of others and plan for failure, cover the basics, take advantage of free resources, guard against third-party breaches, and watch out for potentially costly narratives.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/06\/ESP_CyberSecurityManagementLessons_2024_DA_rnd3.png\"><img loading=\"lazy\" decoding=\"async\" width=\"894\" height=\"1024\" src=\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/06\/ESP_CyberSecurityManagementLessons_2024_DA_rnd3-894x1024.png\" alt=\"healthcare insights for cybersecurity management\" class=\"wp-image-36192\" srcset=\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/06\/ESP_CyberSecurityManagementLessons_2024_DA_rnd3-894x1024.png 894w, https:\/\/assets.esecurityplanet.com\/uploads\/2024\/06\/ESP_CyberSecurityManagementLessons_2024_DA_rnd3-262x300.png 262w, https:\/\/assets.esecurityplanet.com\/uploads\/2024\/06\/ESP_CyberSecurityManagementLessons_2024_DA_rnd3-768x880.png 768w, https:\/\/assets.esecurityplanet.com\/uploads\/2024\/06\/ESP_CyberSecurityManagementLessons_2024_DA_rnd3-1341x1536.png 1341w, https:\/\/assets.esecurityplanet.com\/uploads\/2024\/06\/ESP_CyberSecurityManagementLessons_2024_DA_rnd3-1788x2048.png 1788w\" sizes=\"(max-width: 894px) 100vw, 894px\" \/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Plan for Failure<\/h3>\n\n\n\n<p>Never assume everything will be fine. \u201cIt\u2019s imperative for hospitals and all public and private sector organizations to have an assumed breach mindset,\u201d explains Dan Lattimer, Vice President at Semperis. \u201cPreparing now for inevitable disruptions will dramatically improve an organization\u2019s operational resiliency and better prepare them to turn away adversaries, leading the threat actors to softer targets downstream.\u201d<\/p>\n\n\n\n<p>Plan, implement, and regularly drill for potential failure using:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong><a href=\"https:\/\/www.esecurityplanet.com\/threats\/integrated-risk-management\/\">Integrated risk management<\/a>:<\/strong> Aligns operations goals with security risk to identify and protect the critical points of failure to limit the blast radius of potential issues.<\/li>\n\n\n\n<li><strong>Disaster recovery:<\/strong> Exceed the compliance minimums and<a href=\"https:\/\/www.esecurityplanet.com\/networks\/data-loss-prevention-best-practices\/\"> implement data loss prevention best practices<\/a>, as well as back up critical systems such as Active Directory, server configurations, and network equipment settings.<\/li>\n\n\n\n<li><strong>Table top exercises:<\/strong> Talk through potential disasters and steps in advance so teams can identify points of failures and address them; where possible, execute recovery drills to gain experience with procedures and verify that disaster recovery plans actually work.<\/li>\n<\/ul>\n\n\n\n<p>Steve Stone, the Head of Rubrik Zero Labs, adds that \u201cwe advocate that governments and private industry evaluate and enable recoverable backups for healthcare and a recurring sensitive data evaluation\/reporting construct. \u201cThe <a href=\"https:\/\/databreaches.net\/2024\/01\/24\/university-of-twente-maps-decision-making-process-for-ransomware-victims\/\" target=\"_blank\" rel=\"noreferrer noopener\">University of Twente recently studied<\/a> factors contributing to paying a ransom and recoverable backups were the single largest delineator with organizations having recoverable backups being 27 times less likely to pay a ransom.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Cover the Basics of Cybersecurity<\/h3>\n\n\n\n<p>While you must plan for disaster, it\u2019s even better to avoid it. Fortunately, a small number of basic security principles can prepare every organization for the bulk of attacks:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Protect identity:<\/strong> Credentials will be stolen so implement MFA to make attacks harder to execute, implement <a href=\"https:\/\/www.esecurityplanet.com\/products\/active-directory-security-tools\/\">active directory (AD) security<\/a> to catch attempted credentials abuse.<\/li>\n\n\n\n<li><strong>Test systems:<\/strong> Don\u2019t assume correct installations and configurations, use <a href=\"https:\/\/www.esecurityplanet.com\/networks\/value-of-penetration-testing\/\">penetration testing<\/a> to validate initial and ongoing status of externally facing and high value systems.<\/li>\n\n\n\n<li><strong>Patch known weaknesses:<\/strong> Vendors regularly issue patches to fix discovered flaws, <a href=\"https:\/\/www.esecurityplanet.com\/networks\/patch-management-process\/\">so use patch<\/a> or <a href=\"https:\/\/www.esecurityplanet.com\/networks\/vulnerability-management\/\">vulnerability management<\/a> to prioritize, track, and implement fixes.<\/li>\n\n\n\n<li><strong>Identify and manage assets:<\/strong> To ensure no overlooked devices, perform asset discovery and implement <a href=\"https:\/\/www.esecurityplanet.com\/networks\/it-asset-management\/\">IT asset management<\/a> &#8211; especially for high risk systems.<\/li>\n\n\n\n<li><strong>Control regulated data:<\/strong> Use data tracing and identification through <a href=\"https:\/\/www.esecurityplanet.com\/networks\/data-loss-prevention-best-practices\/\">data loss prevention<\/a> (DLP) and other tools to find data, control access, and <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-encryption-software\/\">protect it with encryption<\/a>.<\/li>\n<\/ul>\n\n\n\n<p>Yossi Rachman, Senior Director of Security Research, Semperis, emphasizes that \u201cActive Directory environments are the most vulnerable entry points and one of the most negatively impactful attacks; hackers frequently target these environments, making it imperative that organizations have real time visibility to changes to elevated network accounts and groups.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Use Free Resources<\/h3>\n\n\n\n<p>Healthcare, like most organizations, struggles to grow IT budgets. However, teams can invest a little time to use free resources without causing financial strain.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Security tools:<\/strong> Open source <a href=\"https:\/\/www.esecurityplanet.com\/applications\/open-source-penetration-testing-tools\/\">penetration testing tools<\/a> and <a href=\"https:\/\/www.esecurityplanet.com\/networks\/open-source-vulnerability-scanners\/\">vulnerability scanners<\/a>, <a href=\"https:\/\/www.esecurityplanet.com\/networks\/nmap-vulnerability-scanning-made-easy\/\">especially Nmap<\/a>, provide powerful insight into possible weaknesses.<\/li>\n\n\n\n<li><strong>Password breach sites:<\/strong> Free websites such as <a href=\"https:\/\/haveibeenpwned.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">HaveIBeenPwned<\/a> and <a href=\"https:\/\/www.hudsonrock.com\/threat-intelligence-cybercrime-tools\" target=\"_blank\" rel=\"noreferrer noopener\">Hudson Rock<\/a> provide free resources to check for compromised identities and passwords.<\/li>\n\n\n\n<li><strong>Government services:<\/strong> The US Cybersecurity &amp; Infrastructure Security Agency (CISA) provides <a href=\"https:\/\/www.cisa.gov\/resources-tools\/resources\/free-cybersecurity-services-and-tools\" target=\"_blank\" rel=\"noreferrer noopener\">free assessment tools<\/a>.<\/li>\n<\/ul>\n\n\n\n<p>While these tools may require more time and expertise than commercial tools, helpful tips can be easily found in a large number of online articles, videos, and community forums.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Prevent Third-Party Breaches<\/h3>\n\n\n\n<p>As MediSecure experienced, trusted partners can become the source of attack. Jeremy Nichols, NTT Security Holdings Director, Global Threat Intelligence Center, recommends that \u201chealthcare providers need to strongly assess supply chain providers, third party integrations, and customer and insurance web portals. These present major publicly facing entry points to provider, insurance, and patient data that leave both healthcare organizations and their patients at risk.\u201d<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Track vendor risks:<\/strong> <a href=\"https:\/\/www.esecurityplanet.com\/products\/third-party-risk-management\/\">Third-party risk management tools<\/a> help to track partners and to even conduct risk assessments against their infrastructure.<\/li>\n\n\n\n<li><strong>Monitor software supply chains:<\/strong> Use <a href=\"https:\/\/www.esecurityplanet.com\/networks\/website-vulnerability-scanners\/\">software and website vulnerability scanners<\/a> to scan libraries and software supply chain components for flaws and malware.<\/li>\n\n\n\n<li><strong>Understand web plug-ins:<\/strong> Fully understand the capabilities and consequences of installing third-party plugins to websites to avoid inadvertent security breaches.<\/li>\n\n\n\n<li><strong>Apply <a href=\"https:\/\/www.esecurityplanet.com\/applications\/api-security\/\">API security<\/a>:<\/strong> Application programming interfaces (APIs) create fast software connections, but <a href=\"https:\/\/www.esecurityplanet.com\/threats\/vulnerability-recap-april-22-2024\/\">API vulnerabilities<\/a> can be very hard to detect and quite dangerous.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Beware the Narrative<\/h3>\n\n\n\n<p>Overly optimistic initial assessments and denials not only create backlash, but also provide motivation and ammunition for punitive litigation. To make matters worse, recent decisions regarding IT spending or resource allocation will always be examined more than might be reasonable after a breach.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Consider future optics:<\/strong> Before making outsourcing, budgets, and management pay decisions, consider how they might look in context to significant breaches.<\/li>\n\n\n\n<li><strong>Avoid false certainty:<\/strong> Press teams always push for strong, confident statements to boost stakeholder confidence, but avoid optimistic interpretations.<\/li>\n<\/ul>\n\n\n\n<p>While doom and gloom are equally useless, optimism provides more fuel for backlash. Keep statements simple, clear, and to the point.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Bottom-Line-Learn-Healthcares-Lessons-Before-Suffering-Pain\"><\/span>Bottom Line: Learn Healthcare\u2019s Lessons Before Suffering Pain<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Ransomware and other attacks will continue to surge so long as attackers continue to profit. To avoid joining these high profile healthcare organizations in public shame and financial pain, apply the five key lessons to improve your organization\u2019s security today. Security will never be completely foolproof, but it certainly can decrease the blast radius of a successful attack and keep you out of the news.<\/p>\n\n\n\n<p><strong>If you don\u2019t have the resources to act, explore outsourcing as an option for improved security and read about <a href=\"https:\/\/www.esecurityplanet.com\/networks\/what-is-a-managed-security-service-provider\/\">managed security service providers (MSSPs)<\/a>.<\/strong><\/p>\n\n\n<!-- ICP Plugin: Start --><div class=\"icp-list icp-list-main icp-list-body-top3 row\">\n    \n        <!--\n            ICP Plugin - body top3\n            ----------\n            Category: \n            Country: HK\n        -->\n    <\/div>\n<!-- ICP Plugin: End -->\n\n\n<div id=\"ta-campaign-widget-66d6e40ae696d-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6e40ae696d\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6e40ae696d\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6e40ae696d\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6e40ae696d\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6e40ae696d\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6e40ae696d\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Learn key cybersecurity management lessons from recent healthcare ransomware attacks and data breaches to avoid costly and humiliating situations.<\/p>\n","protected":false},"author":271,"featured_media":35609,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[15],"tags":[4517,3790,32047,1146,3414,2478,730],"b2b_audience":[33],"b2b_industry":[63],"b2b_product":[31790,379],"class_list":["post-35608","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threats","tag-backup","tag-cybersecurity","tag-data-recovery","tag-malware","tag-network-security","tag-ransomware","tag-security","b2b_audience-awareness-and-consideration","b2b_industry-technology","b2b_product-ransomware","b2b_product-threats-and-vulnerabilities"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cybersecurity Management Lessons from Healthcare Security Breaches<\/title>\n<meta name=\"description\" content=\"Learn key cybersecurity management lessons from recent healthcare ransomware attacks and data breaches to avoid costly and humiliating situations.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybersecurity Management Lessons from Healthcare Security Breaches\" \/>\n<meta property=\"og:description\" content=\"Learn key cybersecurity management lessons from recent healthcare ransomware attacks and data breaches to avoid costly and humiliating situations.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2024-05-30T18:40:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-06-21T14:09:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/06\/ESP_CyberSecurityManagementLessons_2024_DA_rnd3.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2500\" \/>\n\t<meta property=\"og:image:height\" content=\"2863\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Chad Kime\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chad Kime\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/\"},\"author\":{\"name\":\"Chad Kime\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/86e8ee2d3bc71af07dbe303d16f17dc9\"},\"headline\":\"Cybersecurity Management Lessons from Healthcare Woes\",\"datePublished\":\"2024-05-30T18:40:48+00:00\",\"dateModified\":\"2024-06-21T14:09:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/\"},\"wordCount\":2356,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/05\/esp_20240530-cybersecurity-lessons-from-security-breaches-in-healthcare.png\",\"keywords\":[\"backup\",\"cybersecurity\",\"data recovery\",\"malware\",\"network security\",\"ransomware\",\"security\"],\"articleSection\":[\"Threats\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/\",\"name\":\"Cybersecurity Management Lessons from Healthcare Security Breaches\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/05\/esp_20240530-cybersecurity-lessons-from-security-breaches-in-healthcare.png\",\"datePublished\":\"2024-05-30T18:40:48+00:00\",\"dateModified\":\"2024-06-21T14:09:35+00:00\",\"description\":\"Learn key cybersecurity management lessons from recent healthcare ransomware attacks and data breaches to avoid costly and humiliating situations.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/05\/esp_20240530-cybersecurity-lessons-from-security-breaches-in-healthcare.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/05\/esp_20240530-cybersecurity-lessons-from-security-breaches-in-healthcare.png\",\"width\":1400,\"height\":900,\"caption\":\"Image: Sunshine\/Adobe Stock\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity Management Lessons from Healthcare Woes\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/86e8ee2d3bc71af07dbe303d16f17dc9\",\"name\":\"Chad Kime\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/08\/2023-Kime-HeadShot-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/08\/2023-Kime-HeadShot-150x150.jpg\",\"caption\":\"Chad Kime\"},\"description\":\"eSecurity Planet lead writer Chad Kime covers a variety of security, compliance, and risk topics. Before joining the site, Chad studied electrical engineering at UCLA, earned an MBA from USC, managed 200+ ediscovery cases, and helped market a number of IT and cybersecurity products, then transitioned into technical writing policies and penetration test reports for MSPs and MSSPs. In his free time, Chad enjoys walks on the beach with his wife, annoying his children, and trying to carve out time for movies, books, video games, and bike rides.\",\"url\":\"https:\/\/www.esecurityplanet.com\/author\/chad-kime\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cybersecurity Management Lessons from Healthcare Security Breaches","description":"Learn key cybersecurity management lessons from recent healthcare ransomware attacks and data breaches to avoid costly and humiliating situations.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/","og_locale":"en_US","og_type":"article","og_title":"Cybersecurity Management Lessons from Healthcare Security Breaches","og_description":"Learn key cybersecurity management lessons from recent healthcare ransomware attacks and data breaches to avoid costly and humiliating situations.","og_url":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/","og_site_name":"eSecurity Planet","article_published_time":"2024-05-30T18:40:48+00:00","article_modified_time":"2024-06-21T14:09:35+00:00","og_image":[{"width":2500,"height":2863,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/06\/ESP_CyberSecurityManagementLessons_2024_DA_rnd3.png","type":"image\/png"}],"author":"Chad Kime","twitter_card":"summary_large_image","twitter_creator":"@eSecurityPlanet","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Chad Kime","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/"},"author":{"name":"Chad Kime","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/86e8ee2d3bc71af07dbe303d16f17dc9"},"headline":"Cybersecurity Management Lessons from Healthcare Woes","datePublished":"2024-05-30T18:40:48+00:00","dateModified":"2024-06-21T14:09:35+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/"},"wordCount":2356,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/05\/esp_20240530-cybersecurity-lessons-from-security-breaches-in-healthcare.png","keywords":["backup","cybersecurity","data recovery","malware","network security","ransomware","security"],"articleSection":["Threats"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/","url":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/","name":"Cybersecurity Management Lessons from Healthcare Security Breaches","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/05\/esp_20240530-cybersecurity-lessons-from-security-breaches-in-healthcare.png","datePublished":"2024-05-30T18:40:48+00:00","dateModified":"2024-06-21T14:09:35+00:00","description":"Learn key cybersecurity management lessons from recent healthcare ransomware attacks and data breaches to avoid costly and humiliating situations.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/05\/esp_20240530-cybersecurity-lessons-from-security-breaches-in-healthcare.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/05\/esp_20240530-cybersecurity-lessons-from-security-breaches-in-healthcare.png","width":1400,"height":900,"caption":"Image: Sunshine\/Adobe Stock"},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/threats\/cybersecurity-lessons-from-security-breaches-in-healthcare\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity Management Lessons from Healthcare Woes"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/86e8ee2d3bc71af07dbe303d16f17dc9","name":"Chad Kime","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/08\/2023-Kime-HeadShot-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/08\/2023-Kime-HeadShot-150x150.jpg","caption":"Chad Kime"},"description":"eSecurity Planet lead writer Chad Kime covers a variety of security, compliance, and risk topics. Before joining the site, Chad studied electrical engineering at UCLA, earned an MBA from USC, managed 200+ ediscovery cases, and helped market a number of IT and cybersecurity products, then transitioned into technical writing policies and penetration test reports for MSPs and MSSPs. In his free time, Chad enjoys walks on the beach with his wife, annoying his children, and trying to carve out time for movies, books, video games, and bike rides.","url":"https:\/\/www.esecurityplanet.com\/author\/chad-kime\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/35608"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/271"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=35608"}],"version-history":[{"count":4,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/35608\/revisions"}],"predecessor-version":[{"id":36195,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/35608\/revisions\/36195"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/35609"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=35608"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=35608"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=35608"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=35608"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=35608"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=35608"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}