A hospital falling victim to ransomware has become an all too frequent occurrence and one that everyone should be worried about. The WannaCry attack not only took out computer systems at many hospitals worldwide but also demonstrated that ransomware had the ability to compromise medical devices as well proving that ransomware and other cyber threats not only pose a risk to patient information but also to patient safety. These attacks gave and whole new and wholly unacceptable meaning to the term Denial of Service and healthcare organizations need to take measures to protect their information systems and medical device deployments against such attacks.
Resources such as the OWASP Anti-Ransomware Guide (https://www.owasp.org/images/c/ca/Anti-RansomwareGuidev1-6.pdf) and the OWASP Secure Medical Device Deployment Standard (https://www.owasp.org/images/c/c3/SecureMedicalDeviceDeployment.pdf) advocate for network segmentation as a critical security control. This talk will discuss taking network segmentation to the next level and implementing a zero trust approach to security whereby every device on the network is restricted to just essential communications.
The talk will provide an in depth description of the approach used to achieve zero trust in a multi-site medical center.
Music Box - 5th Floor HACK NYC 2018 events@magegroupe.comA hospital falling victim to ransomware has become an all too frequent occurrence and one that everyone should be worried about. The WannaCry attack not only took out computer systems at many hospitals worldwide but also demonstrated that ransomware had the ability to compromise medical devices as well proving that ransomware and other cyber threats not only pose a risk to patient information but also to patient safety. These attacks gave and whole new and wholly unacceptable meaning to the term Denial of Service and healthcare organizations need to take measures to protect their information systems and medical device deployments against such attacks.
Resources such as the OWASP Anti-Ransomware Guide (https://www.owasp.org/images/c/ca/Anti-RansomwareGuidev1-6.pdf) and the OWASP Secure Medical Device Deployment Standard (https://www.owasp.org/images/c/c3/SecureMedicalDeviceDeployment.pdf) advocate for network segmentation as a critical security control. This talk will discuss taking network segmentation to the next level and implementing a zero trust approach to security whereby every device on the network is restricted to just essential communications.
The talk will provide an in depth description of the approach used to achieve zero trust in a multi-site medical center.
| Code of Conduct | Press Releases |
| Get Involved | Report ISSUE / BUG |
| Tickets |
The Critical Infrastructure Association of America, Inc. is a 501(c)6 Not for Profit. The mission of Critical Infrastructure Association of America is to create a membership-based, trade association of like-minded cybersecurity and closely related industry professionals that work in the field of cybersecurity. The goal is to share best practices, establish and maintain high operational standards and to educate and interact with those in the cybersecurity community within public, private and governmental sectors.
