We are amid National Cybersecurity Awareness Month, acollaborative effort between our government and businesses to raise awarenessabout cybercrime andto ensure that we have the resources we need to be safer and more secureonline.

Today’s blog will focus on two areas concerning SACSConsulting & Investigative Services, Inc. – healthcare and internationalthreats – and practical things you can do to make a difference.

Healthcare

According to a study spanning between 2009-2019 of morethan 1,400 healthcare organizations, researchers at Michigan State Universityand Johns Hopkins University found that sensitive data is already in the handsof bad actors. Here is a summary of their findings:

• 71%of healthcare data breaches involved sensitive data, such as social security numbers,driver’s license information, and credit card data.
• Thesebreaches affected 159 million individuals and
• Mostof this data will be or has been on the dark web — a network of untraceableonline activity, and websites on the internet.

How You Can Protect Yourself and Your Practice

First, before you give sensitive information to yourhealthcare provider, find out how and where the information will be stored. Ifyou are filling out or accessing information online, determine how the data isencrypted and at what level. If you are filling out paper forms in a doctor’soffice, find out where they will store that paper. NEVER fill in your socialsecurity number on a paper or online system — this is often the last thinghackers need to complete identity theft.

Second, speak to our identity theft prevention expert, Craig Freeman, tolearn more about individual and business cybersecurity protection options.

Third, if you run a healthcare practice, complete acybersecurity audit at least once a year. We can complete a full security audit (physical and cyber) that will include practical solutions for your business.

International Threats to Our Homeland

It isn’t just the United States that’s concerned about worldwidecybersecurity threats – many countries around the globe have the same fears.

Twenty-seven countries, including the US, UK, Australia, Japan, and SouthKorea, recently signed a UN agreement to remind every country to protect allcivilians from being hacked or spied upon by adhering to international law.

The countries of the most significant concerns are China, Russia, Iran, andNorth Korea. China for its decade-long hacking campaigns in multiple countriesand pirating US technology, Russia for creating the NotPetya, a ransomwareepidemic that was aimed squarely at Ukraine.

Also, we need to be concerned about AdvancedPersistent Threats where a cyber-attack can occur when hackerscovertly gain access to a system and remain inside it, undetected, for asignificant time to achieve a specific goal.

Our national experts believe al-Qaeda thrives here. Sincemost state-sponsored terrorist groups have no constraint and our currentadministration underestimates this threat, we have a perfect storm for potentiallytaking down our national power grids or…much worse.

What You Can Do

Send emails or visit your US Senators to support passageof the Advancing Cybersecurity Diagnostics and Mitigation Act (HR 6443) which directsthe Department of Homeland Security (DHS) to: (1) deploy, operate, and maintaina continuous diagnostics and mitigation program to collect, analyze, andvisualize security data and cybersecurity risk; (2) regularly implement newtechnologies and modify existing technologies to improve such program; (3)develop a comprehensive strategy to carry out the program; and (4) report tothe congressional homeland security committees on cybersecurity risk posturebased on data collected through the program. It has already passed the Housebut is yet to see Senate introduction.

Keep your operating systems, routers, IoT, and apps up todate. This one act will keep foreign entities out of your operations. Once theyare in one business computer, they potentially have access to the entiresystem.

Establish a full-spectrum electronic communicationspolicy that includes texting, BYOD, and messaging apps. We offer help in this arena,as well as training in PreventionMethods for Cybersecurity Threats.

We put you back incontrol of your business since 1989 

Contact SACS Consulting & Investigative Services,Inc. at 330-255-1101 or 888-722-7937 for more information about ways we canhelp with your cybersecurity challenges!