To help stay ahead of evolving cyber threats, including ransomware, it's critical that healthcare entities deploy a defense-in-depth strategy that includes tapping advanced tools, including deception technology, says security expert Elie Nasrallah.
Deception technology can help organizations identify emerging threats and potential attacks, says Nasrallah, director of cybersecurity strategy at the Healthcare Information Trust Alliance, or HITRUST, an information sharing and analysis organization known for its Common Security Framework.
As part of HITRUST's threat intelligence sharing efforts, "we're actually deploying decoys that mimic healthcare systems," such as electronic health records systems and medical devices, he says in an interview with Information Security Media Group.
"We lure the would-be-attackers into these decoys that look and feel just like production systems but contain fake data so that we can capture their techniques, tactics and procedures," he says.
"Then we share those indicators back into the cyber threat exchange so that the other payers and providers that are part of our cyber threat intelligence sharing system can consume them into their incident response workflow and protect themselves from a new breed of attack or ransomware that might be targeting mission critical systems like EHRs."
In the interview (see audio link below photo), Nasrallah also discusses:
- Lessons that have emerged from WannaCry and other ransomware attacks;
- Other top security technology recommendations spotlighted in a recent HITRUST research report;
- Cyber threats that are posing the biggest risks to patient safety.
As director of cybersecurity strategy at HITRUST, Nasrallah is responsible for tackling complex cybersecurity problems for the U.S. healthcare sector. Before joining HITRUST, Nasrallah worked for Trend Micro, FireEye and RSA. His experience spans many areas in security within various industries, but he has most recently focused on helping healthcare organizations strengthen their defenses against cyberattacks.