Attacks involving ransomware and other malware will continue to be a top challenge for healthcare entities in the year ahead, predicts Curt Kwak, CIO of Proliance Surgeons.
"Ransomware is an ongoing issue, not only because of the impact it has on the organization, but because it is so difficult to detect proactively. I say this because of all the variations of ransomware we're seeing," he says in an interview with Information Security Media Group.
"If it's not one form, in a few weeks it's in a different form [delivered] in a different method," he says. "The best practice we've implemented over the last couple of years has been focusing on the back-ups - making sure our primary and critical data are backed up, and focusing on end user data, as well. The key here is to avoid [paying] any ransom, you need to ensure your data is secure ... and is re-accessible by the end user. As long as you don't get into that predicament, you can avoid paying any ransom, and fortunately we've stayed on top of that. But we're constantly on our toes because we don't know what we'll face next."
In the interview, Kwak also discusses:
- New firewall technology Proliance implemented in 2017 and why also having a well-trained "human firewall" is critical;
- The importance of organizations in the healthcare and government sectors implementing standards, including the National Institute of Standards and Technology's cybersecurity framework;
- Security risk management challenges involving medical devices and the internet of things.
As CIO for Proliance Surgeons, Kwak oversees all technology implementation and maintenance necessary to meet the needs of the organization's 100 surgical care sites. Previously, Kwak was CIO for the Washington Health Benefit Exchange, a health insurance exchange under the Affordable Care Act. He also served as CIO at Providence Health & Services and oversaw IT needs at Western Washington Ministries.