Tackling Growing Pandemic Cyberthreats in HealthcareDenise Anderson, President of H-ISAC, Discusses the 'Myriad of Threats'
As the COVID-19 pandemic persists, security threats and related risks continue to grow, including those involving healthcare insiders, says Denise Anderson, president of the Health Information Sharing and Analysis Center.
While healthcare sector entities are facing ransomware and other external cyberthreats, the threats posed to - and by - insiders during the pandemic should not be underestimated, she says in an interview with Information Security Media Group.
"Many healthcare workers are becoming the targets of people who are not so enthusiastic about the [COVID-19] vaccines, not just from a cyber perspective - we've seen some databases and vaccine sites being taken down [by malicious actors] - but also from a physical perspective, where we've seen attacks on healthcare workers and others," she says.
"So, there's a myriad of threats out there that we constantly need to be abreast of and share."
That ranges from situations in which medical workers are offered enticements to provide COVID-19-related data access to outsiders to situations involving anti-vax employees at healthcare organizations that are mandating their staff get vaccinated.
"It's certainly a possibility of having a disgruntled insider who feels they lost their job because they didn't get a vaccine, and they want to cause harm against the organization. This is something that organizations always need to be mindful of."
Anderson is a featured speaker on a healthcare discussion panel - "Lasting Security Lessons From the Pandemic" - during the ISMG Virtual Cybersecurity Summit: New York City taking place on Tuesday and Wednesday. The other panelists in that session are Chris Frenz, assistant vice president of IT security at Mount Sinai South Nassau, and Dr. Mark Jarrett, senior vice president and chief quality officer and associate chief medical officer at Northwell Health.
In the interview (see audio link below photo), Anderson also discusses:
- Other ongoing cyber challenges involving COVID-19, as well as the vaccines;
- Recommendations for healthcare sector entities to better defend against ransomware and other cyber threats;
- Her testimony at a recent meeting between the National Council of ISACs and members of Congress to provide an update on how public/private models of cybersecurity information sharing are helping the nation in its preparedness to respond to cyberthreats.
Anderson is president of H-ISAC, one of more than a dozen ISACs whose mission is protecting the nation’s critical infrastructure from attacks through dissemination of trusted and timely information. She also serves as the chair of the National Council of ISACs. Anderson is also a health sector representative to the National Cybersecurity and Communications Integration Center, a Department of Homeland Security-led coordinated watch and warning center. Prior to H-ISAC, Anderson was a vice president of the Financial Services ISAC. She has more than 25 years of management experience in the private sector.