Lock the Windows, Not Just the Door: Why Most Healthcare Breaches Involve Phishing Attacks

The healthcare sector experienced the highest percentage of breaches in 2014, according to Identity Theft Resource - 42.3 percent of all reported data breaches came from the healthcare industry. And the target still remains on healthcare’s back. In 2015, 50% of global healthcare organizations are expected to have at least one successful cyber attack this year (IDC). Most organizations have taken necessary steps to reinforce their perimeter defenses with firewalls, intrusion detection, deep packet inspection and so on. However, attackers have now turned to socially engineering attacks to exploit a security vulnerability that most people don’t consider as they build out a detailed security plans – their employees. IT Security isn’t top of mind for most of your employees. So there’s an inherent vulnerability that all organizations have when a carefully launched attack presents a malicious dialog box to your employees, disguised as a Windows request for their login credentials to install a security patch or to upgrade their Office software. Once the employee enters their credentials, malicious software can be easily installed. When the malicious software takes hold of an employee’s machine – all bets are off and the entire network is at risk. Your carefully constructed perimeter defense has just been negated. This webinar is geared toward IT and Security professionals, such as CIO, CISO, head of privacy, head of security. Attendees of this webinar will be able to: 1) Identify historically under-considered vulnerabilities 2) List the protective steps you can take – including strong, physical authentication and careful employee training and conditioning 3) Cite real-world examples of how to help protect against breaches that attempt to exploit these vulnerabilities About the Speakers: Glynn Stanton As Information Security Manager for Yale New Haven Health System for over 3 years, Glynn is responsible for the definition and implementation of security policies and technologies. An experienced manager across multiple industry verticals and technology areas. Glynn has over 20 years of experience managing operational, architectural and security functions delivering large projects globally for Fortune 50 companies. David Ting David is the co-founder and Chief Technology Officer at Imprivata where he directs all System Architecture and Research and Discover initiatives. He is a global expert in healthcare IT security whose work in authentication and identity management have earned him a reputation for enabling “invisible” security. David has more than twenty years of experience in developing advanced imaging software and systems for high security, high-availability systems. Prior to founding Imprivata, he developed fingerprint and facial biometric applications for government programs and web-based applications for secure document exchange. David holds fourteen patents with several pending. He frequently speaks and publishes on issues relating to identity management, biometrics, secure clinical communications and healthcare IT security.