In the enterprise/traditional IT, there are the production
networks. These must be up and operating at all costs. Without this in the
business operations, not much is produced or sold. As a tool to defend against
ransomware and other attacks, there are dedicated backups, policies, and
procedures. In a perfect world, these would be checked periodically not only to
verify they are present but also the backup data is viable when used.
In hospitals, there are EHRs (Electronic Health Records)
used several times a day by the nursing staff for patient care. Among other
data, these hold the patients’ prescriptions and dosage, which the nursing
staff cannot get wrong. Liberty Hospital in MO recently had a cybersecurity
issue with their HER. They were able to get this back up and running. This
purely exemplifies the need for HER backups. Imagine you are the administrator
for the hospital or rehabilitation center. You get the call at 4pm on Friday
from IT. The staff member starts with “We have a problem.” Of the next few
sentences, all you remember is “encrypted” and “ransomware”.
While taking time and resources to try the backup, this
option is certainly better than finding out the backups are not viable after
the attack begins. Wondering if the backups are viable in our present
environment is not optimal.
Services
Enterprise and Embedded System Cybersecurity Engineering & Architecture
Red Team Product Pentesting | HW & SW BoMs | CBoM |
Vulnerability Management | Tabletop Exercises (TTX) |
Embedded Systems Architecture | Threat Intelligence |
TARA (Threat Assessment and Remediation Analysis) |
Supply Chain Cybersecurity Review
Reverse Engineering
charles.parker@mielcybersecurity.net 810-701-5511
No comments:
Post a Comment