Security advice from expert who weathered Anthem data breach

After weathering the infamous Anthem data breach, Steve Moore has learned a thing or two about healthcare cybersecurity. He shares the main challenges he thinks healthcare needs to overcome.

You might remember the infamous Anthem data breach, which happened in February 2015 and compromised 80 million patient records. It has been dubbed one of the worst healthcare data breaches.

During that time, Steve Moore was staff vice president of cybersecurity analytics at Anthem and, needless to say, he learned a lot from the Anthem data breach.

"Healthcare is in an interesting position," said Moore, now vice president and chief security strategist at Exabeam, a company based in San Mateo, Calif., that has created a security intelligence platform. "I think they're one of the [industries] that are most susceptible and really then get the most news when bad things happen, for obvious reasons."

From his point of view, and from his experience with the Anthem data breach, Moore believes there are several challenges healthcare needs to address.

Acquiring the right talent

Healthcare is struggling to attract not just talented IT professionals, but talented IT professionals who specialize in and focus on security.

"Getting talent to go to a hospital is difficult," Moore said. "There's a shortage of talent."

Moore urges healthcare CIOs to "get very real about your staffing problems" and also "to get very creative."

The key, Moore said, is to work with the young talent of the future.

"If I were a CIO in healthcare I would make sure I had the finest mentorship and college recruiting ... internship program in my area," he said. "I would not be beaten."

Email: An ongoing issue

"We do too much work in email and it's the biggest vector I have in terms of getting into an environment," Moore said.

Moore said that more needs to be done in healthcare to scrutinize email and how email is being used in an organization. Healthcare organizations should be looking at whether it's really necessary to accept all types of attachments.

"It doesn't even take an extensive tool to make sure that's successful," he said.

Moore said it's also important that healthcare organizations make sure they are able to understand the full scope of an attack after it happens.

Moore said healthcare CIOs should think about addressing this issue by being able to figure out where the infection point was and how long the infection has been there.

"If you don't have capabilities around that you're really at a disadvantage," he said.

Stolen credentials

"Understand the threat of stolen credentials. People have to be very serious about this," Moore said. "If there's anything in the medical world that's username and password only, especially if it's connected to the internet, those credentials are being harvested, stolen and resold on the black market."

Moore uses the Dark Overlord, a group of hackers, as an example. This group hacked into medical clinics, as well as other non-medical organizations -- most notably, hacking into released and not-yet-released shows from Netflix -- by using stolen credentials. The group ended up compromising 60,000 patient records, Moore said.

"You want to do some adaptive authentication, something that's multifactor," he said. "If you don't have that, understand that these credentials are going to be stolen and used to walk over your environment in every angle."
