Episode 235: Justine Bone of MedSec on Healthcare Insecurity

In this episode of the podcast (#235) Justine Bone, the CEO of Medsec, joins Paul to talk about cyber threats to healthcare organizations in the age of COVID. Justine’s firm works with hospitals and healthcare organizations to understand their cyber risk and defend against attacks, including ransomware. As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google Podcasts, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.  In May of 2021, Ireland’s Health Service Executive (HSE), the country’s publicly funded healthcare system, suffered a major attack by the Conti ransomware group. The attack was the most significant to date on an Irish government agency and essentially froze HSE’s IT systems, which are used by the agency’s 54 public hospitals. The outage lasted for four months , forcing health staff to revert to using pen and paper. With 80% of HSE’s IT environment encrypted by the CONTI gang, the Irish government had to pay millions of dollars to recover from. Healthcare delivery at HSE facilities was deeply affected during the crisis, as well, according to an HSE report.  Episode 223: CISA Looks To Erase The Security Poverty Line Justine Bone is the CEO of the Firm MedSec.       The report identified a number of failings by HSE, from a lack of a single, coordinated cybersecurity function at the massive agency, to a failure to properly identify and respond to clear indicators of attack prior to the deployment of the CONTI ransomware.  Healthcare: cyber risk everywhere While it is natural to think “it could never happen here,” a recent report by the Department of Health and Human Services in the U.S. concludes just the opposite. US healthcare organizations should make a study of the HSE hack from last year and take steps to prevent a similar type of attack from occurring at their facilities.  Episode 218: Denial of Sustenance Attacks -The Cyber Risk To Agriculture But how?