The healthcare industry - both payers and providers - has become a favorite target of threat actors. While 2015 was named the "year of the healthcare breach," 2016 has seen its share of large-scale attacks, especially in the form of ransomware. With the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announcing that a ransomware attack should be treated as a data breach unless proven otherwise, the pressure is on healthcare professionals to have the right response and assessment approaches.
But what steps can payers and providers take to ensure they are meeting HIPAA breach notification requirements and mitigating their risk factors? The first step is to categorize, prioritize, and understand the mindset of threat actors - what motivates them and how they accomplish their objectives.
In this white paper, we discuss:
- Five types of threat actors, from disruptive to damaging
- Factors that make healthcare vulnerable to present and future attacks
- The fallout of recent data breaches of prominent healthcare networks
- What it takes to build an effective cyber security program