Cyber Resilience is like muscle – training helps you achieve more. In this Ransomware Bootcamp seminar, you will learn about the changes to cyber insurance and how to prepare for them, an inside perspective from a ransomware negotiator, and steps on how to train your resilience muscle to strengthen your defensive and offensive strategies.
CynergisTek, Lockton Companies, and GroupSense provided insider insights on how to stay ahead of the curve and protect yourself from being the next target.
"The healthcare industry lost an estimated $25 billion to ransomware attacks in 2019," SafeAtLast.
Elissa Doroff, Managing Director & Cyber Technical Leader at Lockton Companies, presented "Cyber Insurance - The Effects of Ransomware". Ransomware attacks accounted for 41% of all filed cyber insurance claims in the first half of 2020, according to a report by Coalition. To keep up with the cost, and rise in claim occurrence, cyber insurance providers are implementing compliance requirements that, depending on compliance capability, might increase your coverage cost or deem you ineligible to be insured at all.
Elissa Doroff covered the following in her session:
- Background of the always-evolving cyber insurance industry. Once deemed an organizational “nice to have”, finds itself in a pivotal point that may change the insured’s coverage decision forever.
- A walkthrough of the top 10 cybersecurity compliance standards, and a deep dive into why they are important, and what they mean.
- What happens once you become insured. Including best practices to work with your insurance company, how cyber insurance works, a look into filing a claim, and a broker’s perspective on breach response.
Kurtis Minder followed Elissa and presented "Real Life Perspectives from a Ransomware Negotiator". No one ever expects it to happen to them, but with ransomware and cybercrime on the rise, it’s more likely than ever to discover that ransomware has locked down your system and cybercriminals are holding your data hostage.
"2020 Healthcare attacks involved the theft or exposure of the protected health information of at least 18,069,012 patients," HIPPA Journal.
Kurtis Minder covered the following in his session:
- What most people don’t realize about ransomware and the cybercriminals that run these exploits
- Immediate do’s and don’ts if your systems are being held captive
- How to limit potential damage like data loss, overpaying threat actors, tarnished brand reputation, and compliance violations
- Notable stories from the field
Below are some interesting healthcare specific stats/issues from Kurtis's session:
- Connected IoMT: There are 430 million connected medical devices worldwide. The number rises every day, creating an expanded attack surface.
- Mergers and Acquisitions (M&A): It is not uncommon for healthcare organizations to have many mergers and acquisitions. An organization might be more vulnerable if the acquired organization doesn’t have up-to-date records of all its assets.
- 2020 Healthcare Ransomware: More than a third of healthcare organizations were hit by a ransomware attack in 2020 and of those, 65% said the cybercriminals were successful in encrypting their data.
- Unpatched Systems: Many health care institutions use unpatched or outdated hardware devices and software, which are prone to ransomware attacks.
Mac McMillan, President & CEO at CynergisTek closed out the event by highlighting the crucial need for organizations to shift towards cybersecurity resilience, and away from a compliance/preparation-only mindset. Mac discussed key findings from Elissa and Kurtis’s sessions and tied it all together.
About Kurtis Minder:
Kurtis Minder is the CEO and co-founder of GroupSense, a leading provider in Digital Risk solutions. Kurtis built a robust cyber reconnaissance operation protecting some of the largest enterprises and government organizations. Kurtis has been the lead negotiator at GroupSense for ransomware response cases. He has successfully navigated and negotiated some of the largest ransomware, breach, and data extortion cases world-wide. With over 20 years in the information security industry, Kurtis brings a unique blend of technical, sales and executive acumen.