Cybersecurity breaches are becoming more and more prevalent. In fact, it’s been estimated that there were almost 5 billion records breached in 2018. Many organizations spend thousands of dollars on security breach prevention tools, but won’t take the time to create a formal process of identifying, responding to, and communicating an incident.
Let’s take a look at an often under-utilized aspect of network topology in the small to medium business realm: that’s right, a networking article. But before you run off, what if I told you you could increase performance and lower your production down time with equipment you (might) already have!?
The reason we wear our seat belts is not to avoid getting a ticket from the police, but rather to avoid a potential injury in a car accident. This analogy is an easy way to describe the difference between box-checking security and real security, and it's instantly understood regardless of technical knowledge. This message resonates with executives, because they typically prefer to “get to the point” and correctly protecting their data is “the point” of cybersecurity.
Cybersecurity in the healthcare field has gone through a lot changes the past few years. In 2016 there was a significant jump in the total number of healthcare specific cybercrimes. According to SecurityIntelligence there was a 71% increase of confirmed data breaches in the healthcare sector from 2015 to 2016. Drilling down on that increase revealed that most of the jump was from external (aka "hacking" or ransomware or malware") followed by internal non-malicious (aka accidents from insiders). Trends are showing that cybercriminals have found more value in healthcare data and the potential for long term use is much higher because it is more difficult to change an individual’s "health data". Another eye-opener is that the type of healthcare entities affected is not limited to hospitals. Business associates, specialized care providers and healthcare plan have all been targets for cyber crime. Oncology, anesthesiology, orthopedic, and radiology are a few of the specific entities that were in the top 10 largest healthcare breaches of 2016. This data tells us that cybercriminals will target or find data outside of the large medical providers and may even be targeting the organizations that have lagged behind in implementing security controls.