The recent ransomware attack on a major IT vendor for the UK National Health Service has had devastating consequences, leading to the rescheduling of approximately 1,500 medical appointments at two London hospitals. These appointments included critical cancer treatments and organ transplant surgeries, highlighting the vulnerability of healthcare infrastructures to cyber threats.
Steve Stone, the head of Zero Labs at Rubrik, sheds light on why ransomware operators target the healthcare industry. According to Stone, healthcare organizations possess architectural nuances that make them attractive targets for cyber criminals. These nuances are similar to those found in other industries such as finance, manufacturing, and government. However, what sets healthcare apart is the sheer volume of sensitive data it holds. On average, healthcare organizations house 50% more sensitive data, which is growing at a rate five times faster than the global average for other industries.
Stone emphasizes the critical role of identity management in preventing and mitigating ransomware attacks in cloud and SaaS environments. Understanding which users have access to sensitive data and how they interact with it is essential in reducing the risk of ransomware incidents. By identifying the “risk surface area,” organizations can proactively defend against cyber threats and strengthen their overall security posture.
In a video interview with Information Security Media Group at the Infosecurity Europe 2024 conference, Stone delves into the key takeaways from Rubrik Zero Labs’ “The State of Data Security” report. He underscores the significance of data visibility and the importance of identifying and safeguarding critical assets. Additionally, Stone addresses the challenges of incident response in hybrid environments, where data is distributed across multiple platforms and infrastructures.
As the leader of Rubrik’s data threat research unit, Stone is at the forefront of uncovering real-world cyber intrusions and developing strategies to combat evolving threats. With over 15 years of experience in threat intelligence, including roles in the U.S. military, intelligence community, and private sector, Stone brings a wealth of expertise to the field of cybersecurity. His background at organizations like Mandiant and IBM has equipped him with the knowledge and insights needed to navigate the complex landscape of cyber threats.
Overall, Stone’s insights underscore the critical need for healthcare organizations to prioritize data security and adopt advanced measures to protect against ransomware and other cyber threats. By leveraging identity management solutions, enhancing data visibility, and strengthening incident response capabilities, healthcare providers can better safeguard their sensitive information and ensure the continuity of vital medical services.