Ransomware Avoidance

Ransomware continues to attack new victims on a daily basis. Even with all the training and all the protective applications we have available to us. Just a couple of days ago, Prospect Medical Holdings, which operates 15 hospitals and over 165 clinics and outpatient centers, shut down its critical operation services and took its IT systems offline due to ransomware forcing clinicians to revert to paper processes. The scary thing is they aren't alone. A recent ransomware research report from Barracuda shows that ransomware attacks on health care have increased 12 to 18% so far this year since attackers typically use email and web applications as the starting point for ransomware by sending fake email messages that ask for your user credentials. They can quickly use compromised credentials as a launch pad for ransomware attacks to enable them to move laterally inside an organization and avoid detection. I think it points out the fact that companies and organizations still aren't forcing their employees to take cybersecurity awareness training seriously. I read an article several days ago referencing a survey showing that many company executives avoid or refuse to take the time to go through regular cybersecurity awareness training. The cybersecurity insurance providers all require that a company in. Covered companies go through cybersecurity awareness, and training and document it.