Interfaith Medical Center deployed a variety of network security technologies to ward off ransomware and other attacks, virtualizing its servers in the process, which resulted in cost savings of more than $2 million over a seven-year period. Christopher Frenz, assistant vice president of information security at Interfaith, is a strong believer in testing security and empirically determining how secure an organization actually is.
By 2015, it was becoming clear to him that eventually a hospital was going to be hit by a ransomware attack. This sparked his interest in determining just how well Interfaith would be able to withstand an attack.
“One of the ways I approached this was simulating a mass malware outbreak within the hospital, using a custom developed script and the EICAR test string,” he explained. “Running the script attempted to copy and execute the EICAR test string on each PC within the organization to simulate the lateral movement of a threat within the hospital.
“Exercises like these are great because they help an organization concretely identify what security controls are effective, which controls are ineffective or in need of improvement, how well or not the staff response to an incident will be, and if there are any deficiencies in the organization’s incident response plan,” he explained.
Continue reading at healthcareitnews.com | #cybersecurity