Lock the windows, not just the door: why most healthcare breaches involve phishing attacks
The healthcare sector experienced the highest percentage of breaches in 2014, according to Identity Theft Resource - 42.3 percent of all reported data breaches came from the healthcare industry. And the target still remains on healthcare’s back. In 2015, 50% of global healthcare organizations are expected to have at least one successful cyber attack this year (IDC).
Most organizations have taken necessary steps to reinforce their perimeter defenses with firewalls, intrusion detection, deep packet inspection and so on. However, attackers have now turned to socially engineering attacks to exploit a security vulnerability that most people don’t consider as they build out a detailed security plans – their employees.
IT Security isn’t top of mind for most of your employees. So there’s an inherent vulnerability that all organizations have when a carefully launched attack presents a malicious dialog box to your employees, disguised as a Windows request for their login credentials to install a security patch or to upgrade their Office software. Once the employee enters their credentials, malicious software can be easily installed. When the malicious software takes hold of an employee’s machine – all bets are off and the entire network is at risk. Your carefully constructed perimeter defense has just been negated.
In this webinar you will learn to:
- Identify historically under-considered vulnerabilities
- List the protective steps you can take – including strong, physical authentication and careful employee training and conditioning
- Cite real-world examples of how to help protect against breaches that attempt to exploit these vulnerabilities