Organized crime, and now in some cases, nation-state actors, have amassed substantial financial gain by taking healthcare networks hostage. With each success and ransom paid, more ransomware attacks are guaranteed. While this may sound like a technology problem — and it is — it’s more than that. In healthcare, there are downstream effects for every event. Whatever happens with data eventually affects a human being.
This ransomware guidance whitepaper describes the business and technical aspects of preparing for and responding to a ransomware attack. The author intends for this paper to be used by risk, compliance, security, and operational personnel responsible for creating, configuring, and operating HIPAA- and GDPR-regulated environments.
This white paper contains information to:
- Plan for a ransomware attack.
- Architect a cloud environment capable of thwarting and recovering from an attack.
- Detect the indicators that could lead to a ransomware attack.
- Appropriately respond to a successful attack.
- Conduct the required analysis to determine whether the attack is reportable.
- Recover from the attack.