New Cloud Security Alliance guidelines for healthcare organizations that provide quantifiable perspectives for detecting and defending against ransomware attacks

New Cloud Security Alliance guidelines for healthcare organizations that provide quantifiable perspectives for detecting and defending against ransomware attacks

BELLEVUE, Wash.–(BUSINESS WIRE)–#cloud–The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released Ransomware in the Healthcare Cloud, new guidance from the CSA Health Information Management Working Group. The document explains how cybercriminals use ransomware to attack both the healthcare delivery organization (HDO) and the cloud service provider, and offers security practitioners strategies for detecting ransomware and protecting an HDO’s data.

With 560 ransomware attacks on healthcare providers in 2020, HDOs must architect their cloud for failure to better protect patient data

Highlights

  • Presented in accordance with the National Institute of Standards and Technology (NIST) Cybersecurity Framework’s structure of identify, protect, detect, respond, and recover, the guidance takes a structured, measurable approach to defending against ransomware and details the processes HDOs should be taking to lessen the chance of a successful attack. The document, in addition to reviewing the seven stages of a ransomware attack and common social and physical engineering attack vectors, points readers to several control frameworks, including the Cloud Controls Matrix, an industry-recognized cybersecurity control framework for cloud computing, that can be used to support the NIST Cybersecurity Framework.

  • “When one considers that 2020 saw a 715-percent year-over-year increase in ransomware attacks and the devastating effects and cost ransomware leaves in its wake, it’s no wonder HDOs are under significant strain to prevent these attacks. Ransomware can significantly impact an HDO’s operation, patient safety, and reputation and cause a complete shutdown, putting patients at risk. This makes it imperative that they do all they can to secure their data regardless of where it’s housed,” said Dr. Jim Angle, the paper’s author and co-chair of the Health Information Management Working Group.

As the paper explains, traditional backup methods no longer suffice in the face of time-delayed ransomware attacks. Nor are public clouds impervious, and while they do offer greater protection, because cloud storage is increasingly being used to back up healthcare data, it too is a popular target for ransomware attacks. To protect patients’ data, HDOs must architect their cloud for failure, beginning with identifying an HDO’s assets, business environment, governance, risk management, and supply chain. To help users ensure they are following the proper steps, the document also includes a quick-response checklist from the Department of Health and Human Services, Office for Civil Rights.

“Ransomware attacks can be devastating for HDOs. Not only is there the potential loss of valuable and irreplaceable files, but it can take hundreds of hours of manpower to remove the infection and get systems working again. It’s critical that HDOs have a clear understanding of their business and technology so they can apply the appropriate security measures and mitigate their risk,” said John Yeoh, Global Vice President of Research, Cloud Security Alliance.

The CSA Health Information Management Working Group aims to provide a direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications, and storage) to their clients, and to foster cloud awareness within all aspects of healthcare and related industries. Individuals interested in becoming involved in Health Information Management future research and initiatives are invited to join the working group.