By Bill Siwicki
Before the prevalence of mobile phones and caller ID, there was an urban legend about a babysitter receiving frightening calls. Long story short: When an operator runs a trace, the babysitter is told to her horror, “The calls are coming from inside the house!”
Such is the case with cybersecurity today. Threats are not just coming from without, they also are coming from within. Cybercriminals might be trying to crack through a healthcare organization’s outer defenses, or, they may already be inside an organization’s network. Either way, the horror they can wreak upon a healthcare organization is considerable, including not just holding data hostage but bringing patient care to a standstill.
Consequently, healthcare executives must know how to detect malware in order to prevent the heinous software from executing and doing damage.
“There is a measure of security effectiveness called dwell time, which refers to the length of time a piece of malware or a hacker is in an organization before the organization detects them,” said Peter Firstbrook, a research vice president at Gartner who specializes in security. “When you look at the incident investigation reports from major firms like Verizon and Mandiant, dwell time can be measured in hundreds of days, and this is because many organizations do not have effective detection capabilities. If an organization’s protections do not alert staff, they assume they are safe. You should always assume the opposite.”