Cloud Security Alliance Releases New Guidance for Healthcare Delivery Organizations That Provides Measurable Approach to Detecting and Defending Against Ransomware Attacks

The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released Ransomware in the Healthcare Cloud, new guidance from the CSA Health Information Management Working Group. The document explains how cybercriminals use ransomware to attack both the healthcare delivery organization (HDO) and the cloud service provider, and offers security practitioners strategies for detecting ransomware and protecting an HDO's data.

"When one considers that 2020 saw a 715-percent year-over-year increase in ransomware attacks and the devastating effects and cost ransomware leaves in its wake, it's no wonder HDOs are under significant strain to prevent these attacks. Ransomware can significantly impact an HDO's operation, patient safety, and reputation and cause a complete shutdown, putting patients at risk. This makes it imperative that they do all they can to secure their data regardless of where it's housed," said Dr. Jim Angle, the paper's author and co-chair of the Health Information Management Working Group.

Presented in accordance with the National Institute of Standards and Technology (NIST) Cybersecurity Framework's structure of identify, protect, detect, respond, and recover, the guidance takes a structured, measurable approach to defending against ransomware and details the processes HDOs should be taking to lessen the chance of a successful attack. The document, in addition to reviewing the seven stages of a ransomware attack and common social and physical engineering attack vectors, points readers to several control frameworks, including the Cloud Controls Matrix, an industry-recognized cybersecurity control framework for cloud computing, that can be used to support the NIST Cybersecurity Framework.

"Ransomware attacks can be devastating for HDOs. Not only is there the potential loss of valuable and irreplaceable files, but it can take hundreds of hours of manpower to remove the infection and get systems working again. It's critical that HDOs have a clear understanding of their business and technology so they can apply the appropriate security measures and mitigate their risk," said John Yeoh, Global Vice President of Research, Cloud Security Alliance.

As the paper explains, traditional backup methods no longer suffice in the face of time-delayed ransomware attacks. Nor are public clouds impervious, and while they do offer greater protection, because cloud storage is increasingly being used to back up healthcare data, it too is a popular target for ransomware attacks. To protect patients' data, HDOs must architect their cloud for failure, beginning with identifying an HDO's assets, business environment, governance, risk management, and supply chain. To help users ensure they are following the proper steps, the document also includes a quick-response checklist from the Department of Health and Human Services, Office for Civil Rights.

Download the full Ransomware in the Healthcare Cloud now.

The CSA Health Information Management Working Group aims to provide a direct influence on how health information service providers deliver secure cloud solutions (services, transport, applications, and storage) to their clients, and to foster cloud awareness within all aspects of healthcare and related industries. Individuals interested in becoming involved in Health Information Management future research and initiatives are invited to join the working group.

About Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by cloud ? from providers and customers to governments, entrepreneurs, and the assurance industry ? and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.