Cybersecurity Risk Assessment in Healthcare Industry during Covid-19 Pandemic

Competency 1 Risk Analysis Narrative and Register
CMGTCB/559

Competency 1 Risk Analysis Narrative

The worldwide Covid-19 pandemic has caused businesses and organizations alike to reinvent how day-to-day business is conducted. The work environment as we know it has changed and moved to a more fluid remote environment. Telework and telehealth are just two of the changes that employers and patients must adapt to, and they have caused an influx of cybersecurity attacks on the healthcare industry. Our CIO and stakeholders have asked us to be proactive in preventing breaches of our healthcare network infrastructure.

Today, the healthcare industry has moved towards a digitized network infrastructure that helps doctors, nurses, researchers, and patients diagnose conditions and understand care efforts. This system is known as the electronic health record (EHR). To maintain the integrity of our healthcare network and remain federally compliant, a risk assessment has been completed using an intrusion detection system to analyze both inbound and outbound network traffic for abnormal activity. Extended detection and response (XDR) uses AI technology and a security operations center (SOC) to detect evasive threats, automate investigation, and enable direct response to threats. This artificial intelligence (AI) system helps detect threats, even unknown ones, by matching them to a similar malware or attack signature, such as ransomware [ CITATION Wha232 \l 1033 ]. Likewise, Wireshark is another tool used to analyze packets from a healthcare company's network traffic. This is especially essential for all telework and telehealth users, as they connect through a sector of our network infrastructure.
The top five threats in our risk assessment begin with ransomware, which targets healthcare institutions by encrypting data from the institution's electronic health record (EHR) system for ransom. It ranks as number one because of the potential loss of all data if it is not properly backed up on a server or cloud server. Next is breach of enterprise cloud services, which consists of cyber criminals attempting to hack or gain access to high-value data or receive privileged access to

1. Appointing a HIPAA Security Officer: oversee monitoring efforts for cybersecurity measures.
2. Audit contracted telemedicine providers: policies set in place to ensure contracted providers also have the appropriate security measures in place for transmitting security measures.
3. Establish procedures and policies related to data security: enable multi-factor authentication (MFA), system backups, data access restrictions based on job duties, and a password expiration policy [ CITATION Ala23 \l 1033 ]

There are many opportunities for these cybersecurity risks to turn into positive opportunities; one is qualifying for cyber liability insurance for health entities. According to (Cyber Insurance for Healthcare: Are You Compliant with Your Own Cyber Policy?, 2023), cyber insurance helps protect healthcare organizations from the ever-growing cost of a data breach. Insurance will, partially or entirely, pay for the fines and fees that come with a data breach, ransomware attack, phishing attack, or other cybercrime. Without cyber liability insurance coverage, the cost of cybersecurity mitigation falls purely upon our health organization, which could potentially cost tons in legal fines and fees. Cyber liability insurance also assists in maintaining current and updated security policies, because of the actions needed to continue insurance coverage. These insurance coverage security policy requirements are:

1. Annual HIPAA Assessments
2. Year-round software and necessary hardware upgrades
3. User training

In summary, our cybersecurity risk assessment shows how valuable it is to be proactive in assessing risk during the Covid-19 pandemic in order to maintain the integrity of our healthcare infrastructure. Our risk assessment assessed Ransomware, Enterprise Cloud Services, DDoS Attacks, and Telehealth security breach as known risks that could potentially disrupt business operations. We have also assessed mitigation efforts and their impact on our healthcare system. According to [ CITATION CMW22 \l 1033 ], companies must implement well-defined software upgrade procedures, should use secure networks like virtual local area networks, and conduct regular penetration tests of their systems. By understanding the factors that make individuals, health care organizations, and employers more susceptible to cyberattacks, we can better prepare for the next pandemic.

Risk Register Assessment

Risk 1: Ransomware
Risk Rank: High Priority Risk
Risk Description: Ransomware (Ryuk). Ransomware such as Ryuk targets institutions such as the healthcare industry by infiltrating their network and encrypting information asset data for a ransom or fee to potentially unencrypt. It can prevent healthcare staff from accessing patient information, remove patient care status updates, and block patient access to medical devices. Essentially, Ryuk ransomware will disrupt clinical workflow across the entire hospital system [ CITATION Cyb23 \l 1033 ]
Source, Threat or Risk driver:
1. Source: Cyber Criminals and Malware
2. Threat: infections within the infrastructure that compromise data, or potential data loss due to encrypted data
3. Risk driver: HIPAA violation

Risk 2: Cloud-Services Breach
Risk Rank: High Priority Risk
Risk Description: Enterprise Cloud Services Breach. Attackers deploy multiple login attempts from more than one geographical location that is distant from the actual origin location and impossible to travel between, such as China from the US. The hacker then deploys high-volume data access or privileged access activity [ CITATION Cyb23 \l 1033 ]
Source, Threat or Risk driver:
1. Source: Cyber Criminals and Malware
2. Threat: Lack of network encryption and MFA
3. Risk driver: potential data loss, HIPAA violation, disruption of business operation

Risk 4: Phishing Emails
Risk Rank: High Priority Risk
Risk Description: Phishing Emails. Criminal actors attempt to impersonate the healthcare industry in an attempt to receive payment or personally identifiable information by promising medical care during Covid-19 or vaccinations [ CITATION Cyb23 \l 1033 ]
Source, Threat or Risk driver:
1. Source: Cyber Criminals
2. Threat: sending malicious, misleading emails for criminal gain
3. Risk driver: The network infrastructure affected due to malware, as well as

Risk 3: DDoS Attack
Risk Rank: High Priority Risk
Risk Description: DDoS Attack. During Covid-19, attacks used many compromised machines to generate enormous volumes of fake packets, which in turn brought down the online healthcare website or app. Attackers chose DDoS attacks because they consume network resources quickly, which can cause the healthcare website to become unavailable for legitimate users [ CITATION Wha233 \l 1033 ]
Source, Threat or Risk driver:
1. Source: Cyber Criminals
2. Threat: deployed attacks that flood the network to cause failure
3. Risk driver:

Risk 5: Telehealth security
Risk Rank: High Priority Risk
Risk Description: Telehealth security. Telemedicine systems are vulnerable to security risks related to sniffing, privilege escalation, and alteration/forgery because medical, private, and health information as well as prescriptions are transmitted via the Internet [ CITATION Cyb23 \l 1033 ]
Source, Threat or Risk driver:
1. Source: Cyber security criminals
2. Threat: Unsecured network due to lack of encryption
3. Risk driver: HIPAA violation compliance issue, loss of
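
The login pattern described under Risk 2 (sign-ins from locations too far apart to travel between) is commonly detected with an "impossible travel" rule. The following is an added example, not part of the original paper: the event layout, the 900 km/h speed ceiling, the 100 km minimum distance, and the sample sign-in events are all assumptions constructed for illustration.

```python
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

MAX_KMH = 900.0  # assumed ceiling, roughly airliner cruise speed

# Constructed sample sign-in events: (user, ISO timestamp, lat, lon, place)
EVENTS = [
    ("nurse01", "2023-03-01T08:00:00", 40.71, -74.01, "New York"),
    ("nurse01", "2023-03-01T09:30:00", 39.95, -75.17, "Philadelphia"),
    ("drlee",   "2023-03-01T08:05:00", 41.88, -87.63, "Chicago"),
    ("drlee",   "2023-03-01T09:00:00", 39.90, 116.40, "Beijing"),
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two coordinates, in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    dphi, dlmb = p2 - p1, radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(p1) * cos(p2) * sin(dlmb / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def impossible_travel(events, max_kmh=MAX_KMH, min_km=100.0):
    """Flag consecutive sign-ins by one user that imply a speed above max_kmh.

    Returns a list of (user, from_place, to_place, km, hours) tuples.
    """
    alerts, last = [], {}
    # ISO timestamps in one format sort chronologically as strings
    for user, ts, lat, lon, place in sorted(events, key=lambda e: e[1]):
        t = datetime.fromisoformat(ts)
        if user in last:
            prev_t, prev_lat, prev_lon, prev_place = last[user]
            km = haversine_km(prev_lat, prev_lon, lat, lon)
            hours = (t - prev_t).total_seconds() / 3600
            # min_km suppresses noise from coarse IP geolocation;
            # simultaneous distant sign-ins (hours == 0) are flagged too
            if km >= min_km and (hours == 0 or km / hours > max_kmh):
                alerts.append((user, prev_place, place, round(km), round(hours, 2)))
        last[user] = (t, lat, lon, place)
    return alerts

if __name__ == "__main__":
    for alert in impossible_travel(EVENTS):
        print("impossible travel:", alert)
```

In practice a rule like this is paired with MFA and an allow-list for known VPN egress points, since shared corporate exits can make legitimate users appear to jump between locations.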