You might remember the infamous Anthem data breach, which happened in February 2015 and compromised 80 million...
patient records. It has been dubbed one of the worst healthcare data breaches.
During that time Steve Moore was staff vice president of cybersecurity analytics at Anthem and, needless to say, he learned a lot from the Anthem data breach.
"Healthcare is in an interesting position," said Moore, now vice president and chief security strategist at Exabeam, a company based in San Mateo, Calif., that has created a security intelligence platform. "I think they're one of the [industries] that are most susceptible and really then get the most news when bad things happen, for obvious reasons."
From his point of view, and from his experience with the Anthem data breach, Moore believes there are several challenges healthcare needs to address.
Acquiring the right talent
Healthcare is struggling to attract not just talented IT professionals, but talented IT professionals that specialize in and focus on security.
"Getting talent to go to a hospital is difficult," Moore said. "There's a shortage of talent."
Moore urges healthcare CIOs to "get very real about your staffing problems" and also "to get very creative."
The key, Moore said, is to work with the young talent of the future.
"If I were a CIO in healthcare I would make sure I had the finest mentorship and college recruiting ... internship program in my area," he said. "I would not be beaten."
Email: An ongoing issue
"We do too much work in email and it's the biggest vector I have in terms of getting into an environment," Moore said.
Moore said that more needs to be done in healthcare to scrutinize email and how email is being used in an organization. Healthcare organizations should be looking at whether it's really necessary to accept all types of attachments.
Steve Moorevice president and chief security strategist, Exabeam
"It doesn't even take an extensive tool to make sure that's successful," he said.
Moore said it's also important that healthcare organizations make sure they are able to understand the full scope of an attack after it happens.
Moore said healthcare CIOs should think about addressing this issue by being able to figure out where the infection point was and how long the infection has been there.
"If you don't have capabilities around that you're really at a disadvantage," he said.
"Understand the threat of stolen credentials. People have to be very serious about this," Moore said. "If there's anything in the medical world that's username and password only, especially if it's connected to the internet, those credentials are being harvested, stolen and resold on the black market."
Moore uses the Dark Overlord, a group of hackers, as an example. This group hacked into medical clinics, as well as other non-medical organizations -- most notably, hacking into released and not-yet-released shows from Netflix -- by using stolen credentials. The group ended up compromising 60,000 patient records, Moore said.
"You want to do some adaptive authentication, something that's multifactor," he said. "If you don't have that understand that these credentials are going to be stolen and used to walk over your environment in every angle."
Must-knows about data breaches in healthcare
Providers take step forward in battle against breaches
Vulnerability assessment offer rejected after Anthem data breach