Healthcare sector entities have been increasingly targeted by ransomware attacks, with about 75% of these attacks occurring on weekends or holidays. Jeff Wichman, the director of incident response at Semperis, emphasized the need for organizations to enhance their staffing and related strategies during these vulnerable times.
According to Wichman, attackers take advantage of weekends and holidays when organizations might have reduced staffing levels. He stressed the importance of organizations proactively increasing their staffing during these high-risk periods. However, many healthcare organizations already face staffing challenges, making it difficult to maintain adequate coverage during weekends and holidays. In such cases, Wichman recommended working with partners such as security operation centers or managed service providers to ensure continuous coverage.
Preparing for ransomware attacks is crucial for healthcare organizations, Wichman advised. This includes conducting recovery drills to understand the time required to restore critical assets and operations. He cautioned against assuming that a simple backup restoration process would suffice, emphasizing the need for a comprehensive and objective approach to cybersecurity preparedness.
In an interview with Information Security Media Group, Wichman also highlighted the significance of backup validation and testing, common identity management mistakes that can lead to security issues, and the evolving regulatory landscape in cybersecurity.
With over two decades of experience in information security, Wichman brings a wealth of expertise in digital forensics and incident response. He has been involved in numerous incident response investigations, ranging from minor email compromises to large-scale ransomware incidents.
As healthcare organizations continue to face escalating ransomware threats, Wichman’s insights underscore the critical importance of proactive cybersecurity measures, adequate staffing during vulnerable periods, and comprehensive preparation to mitigate the impact of potential attacks. By leveraging partnerships, conducting regular drills, and staying abreast of regulatory developments, healthcare entities can bolster their resilience against ransomware threats and safeguard sensitive patient data and critical operations.