January 24, 2017
The most recent cyber security statistics are overwhelming. For 2016, the number of reported U.S. data breaches spiked at an all-time high of 1,093 – a staggering rise over previous years. Ransomware attacks are also exploding. According to a federal interagency report, an estimated 4,000 ransomware attacks occurred each day in 2016 – a 300% increase over the daily attacks seen in 2015. The healthcare and business sectors are particularly at risk, clocking in as the top targets for hackers. The stakes are very high where a successful attack exposing Protected Health Information (PHI) or other sensitive data can lead to significant civil liability, along with enforcement penalties for falling short of federal and state security and reporting requirements. Ransomware attacks are equally concerning where attackers can lock up an entire network, putting important records out of reach and crippling business operations.
Unfortunately, these attacks are the new norm that businesses must prepare for in their day-to-day operations. There are, however, several strategies for preventing network intrusions or stopping the bleeding if a hacker somehow worms into your network. Pre-attack logistical planning is critical, making sure your operations stay several steps ahead of the cyber crooks. Here are some key considerations for meeting these challenges:
- Understand the Risks and Rules – The evolving threats have led to significant legislative action at both the federal and state levels. Some of the new rules are relatively intuitive, others are not. Most employees are also not aware of the cyber dangers and how a simple routine step, such as opening an unknown email on the network, can start an avalanche. Make sure your team understands the landscape and risks – everyone must be on the same page to protect network security.
- Establish Robust Security Measures – Establish a good offense with a rock-solid playbook. Identify mission critical data and assets (your “crown jewels”) for protection, conduct a risk analysis to identify network vulnerabilities, and implement security measures to seal off or minimize your exposure. These measures are not cheap, but are crucial for preventing a devastating attack and avoiding the extraordinary costs of a full-scale breach.
- Install Gold Standard Backup Systems – In the event of a successful ransomware attack, your most important data could be encrypted for eternity. A robust backup system to immediately restore compromised data and network systems and configurations is a critical safeguard.
- Implement an Operations Contingency Plan – If a hacker makes it into your network, an immediate, coordinated response is crucial. Seconds matter. Having the proper procedures in place and making sure your team knows what to do can be the difference between successful countermeasures and becoming the next data breach headline.
- Partner With Experts – Preparing for attacks and making sure your organization is on the cutting edge is an ongoing process. Outside cyber security experts who constantly focus on trends and strategies are powerful allies for that effort. Establish long-term partnerships with outside cyber security and legal experts who work well with your team, understand your operations, and help make sure your defensive strategies and systems are at their very best.
- Train Your Team and Test Your System – Security measures, contingency plans, and other strategies are only as good as the people who stand behind them. Every employee that remotely touches your network needs to be fully trained on the threat and all prevention and response strategies. Also, working with your internal team and external partners, test your system to make sure it works and find areas for improvement. Develop a cyber security culture of questioning security measures and looking for ways to improve your ongoing efforts.
- Vendor Relations – Where vendors are given access to systems and PHI, it is important to ensure that your information technology team is aware of the access and that appropriate contractual and technological safeguards are in place to protect the information.
- Evaluate Your Insurance Coverage – With the evolving cyber security threats, you need to make sure your insurance properly covers the waterfront for internal losses and third-party liability on potential breaches. Take a critical look at your policies in order to make sure the coverage is appropriate and fits within your overall security plans.
If you have questions or need assistance regarding these strategies or other cyber security and privacy issues, please contact HDJN’s Cybersecurity team – Jerry Canaan, Mike Gill, Bill Hall, or John Mumford.
The information contained in this advisory is for general educational purposes only. It is presented with the understanding that neither the author nor Hancock, Daniel, Johnson & Nagle, PC, is offering any legal or other professional services. Since the law in many areas is complex and can change rapidly, this information may not apply to a given factual situation and can become outdated. Individuals desiring legal advice should consult legal counsel for up-to-date and fact-specific advice. Under no circumstances will the author or Hancock, Daniel, Johnson & Nagle, PC be liable for any direct, indirect, or consequential damages resulting from the use of this material.