Reality is not always kind

In 3 Harsh Realities – Ep 345 of the Help Me With HIPAA podcast, Donna and David sidelined the Easter Bunny, burned the Elf on the Shelf and sent Bambi out to fend for itself during deer season. Just kidding! Donna and David did talk about the article that Sonya Duffin of Threatpost wrote, 3 Tips for Facing the Harsh Truths of Cybersecurity in 2022, Part 1. It is a very sobering article regarding cybercriminals in the world today.

The first reality that Sonya points out is that “…ransomware is prevalent, and there is no way to completely eliminate the threat.” Stop! Don’t start disconnecting your computer just yet. Donna and David agree with Sonya, and they point out that you have to identify the threats to your business and then decide how you are going to manage them. You can mitigate the damage that will occur, but you cannot eliminate the threat of ransomware. So, start by planning how you can lessen the damage to your business if you are attacked by ransomware.

The second harsh reality is that you should conduct your business as if you have already been hacked and the bad actors are in your system. Make sure that your security services are monitoring for unusual activity, understand IT’s patch management process, and periodically run vulnerability scans on your networks. If your system is not detecting attacks, then there is a great chance your security system is not working.

The third harsh reality is that cybercriminals probably know your computer systems better than you do. This is their job and it is a very lucrative business. Cybercriminals infiltrate your systems and lie low until they are ready to do as much damage as they can and collect the biggest payday possible. If you aren’t looking and constantly evaluating what’s happening on the network, there’s no way to know there is a threat until a criminal drops their bomb.

While these realities are harsh, there are ways to mitigate the impact to your business. Anytime there is a change in your environment, you need to do a risk analysis. Understand where all your data is and who can access it, and make sure those folks need that access. Listen to 3 Harsh Realities – Ep 345 to hear more tips on how to protect your business and your patients’ information.

Don’t forget to check out the PriSec Boot Camp being held September 12 – 15, 2022 at the Hyatt Regency in Louisville, KY! Registration is open! Get in on the Early Bird pricing now! Hope to see you there!!