Fighting the Surge in Phishing Attacks
Cooper University Health Care's Phil Curran on Engaging Employees in the Battle
To help combat a surge in phishing attacks that spread malware, Cooper University Health Care has set up a system for employees to play an active role in the battle, says Phil Curran, CISO and chief privacy officer.
When an employee spots a suspicious email, the worker sends an alerting email to the organization's IT team - or even directly to Curran - enabling IT staff to quickly "begin the process of blocking the email and removing it from our [Microsoft] Exchange system," he says.
Attempted attacks directly targeting the senior leadership team are also increasing at the Camden, N.J.-based health system, which operates an academic medical center, a cancer center, a children's hospital, three urgent care centers and more than 100 outpatient offices throughout South Jersey and Pennsylvania, he notes.
When it comes to these business email compromise schemes, "we've instituted manual process for verification," Curran says in a video interview at Information Security Media Group's recent Healthcare Security Summit in New York.
"For example, if someone in finance receives an email purportedly from the CEO asking to send money, they will need to get verbal permission from the chief financial officer before that transaction [is approved]," he notes.
In the interview, Curran also discusses:
- The types of ransomware and other malware attacks his organization has been battling this year;
- Why incident response planning is critical;
- Healthcare sector cybersecurity predictions for 2017.
Curran is chief information assurance and privacy officer at Cooper University Health Care. He has more than 20 years of experience in information security and privacy in the military, government and private sectors. In his current role, he's responsible for managing governance and regulatory compliance; risk assessment and management; threat intelligence and vulnerability assessment; privacy and security investigations; business continuity; and awareness and training.