It’s Not If, But When: Cybersecurity Tips from SCHA’s John Williams
Leading up to Russia’s invasion of Ukraine last week, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) learned that threat actors were deploying destructive malware against organizations in Ukraine to destroy computer systems and render them inoperable. Destructive malware can present a direct threat to an organization’s daily operations, impacting the availability of critical assets and data. The FBI And CISA believe that further disruptive cyberattacks against organizations in Ukraine are likely to occur and may unintentionally spill over to organizations in other countries. Organizations should increase vigilance and evaluate their capabilities encompassing planning, preparation, detection, and response for such an event. Here are a few helpful tips and best practices for cybersecurity, organized by topic:
Leadership: Cyber-security starts at the top
- Establish a safety culture that extends to everyone in your organization.
- Leadership must illustrate the importance of security policies and ensure the measures are being followed.
Preparation: It’s not if but when a cyber security attack will occur.
- Review and exercise your down time procedures. Your plan should maintain and improve system performance, safeguard data, and speak to how you would respond to emergency situations.
- Plan for the unexpected and create a recovery plan. Your recovery plan should be developed in conjunction with your continuity of operations plan. It should identify critical IT systems and networks, prioritize the Recovery Time Objective, and outline steps needed to restart, reconfigure, and recover systems and networks.
- Use and maintain anti-virus software to scan downloads and emails with links to ransomware. Anti-virus software guards against malicious code, and its updates are vital to security.
Good IT Habits: Build the foundation for cyber-security.
- Backup critical data regularly (keep it offline so it isn’t impacted by an attack). Backing up data regularly and keeping backups securely stored are essential to recovering from a disaster.
- Use firewalls and trained team members to set up your hardware and software firewalls.
- Use strong passwords and change them regularly. Use secure password best practices.
- Limit network access and protect mobile devices. Encryption is key.
- Control physical access. Secure devices, confirm policies are in place for outside use, and control protected healthcare information.
- Whitelists are a good way to prevent running of applications that are not approved by the organization.
John Williams is SCHA’s Director of Disaster Preparedness and an experienced leader in hospital security and facility management. Feel free to send him your cybersecurity questions at jwilliams@scha.org.