Imagine arriving at your office and discovering that 100 % of your computers are encrypted with ransomware . You contact your IT vendor and they say , “ we have a major problem .” Not only is your data encrypted , but the hackers left a note indicating they also STOLE your data . Then you find out all your backups , including your Cloud backup , are gone . Through an investigation , it is determined that hackers installed screen sharing software four weeks prior to the ransomware attack and have been watching everything you do on your computer – including accessing your Cloud software .
Too many practices make the mistake of assuming that “ the bigger the practice , the bigger the risk ,” but the reality is that small-to mediumsized dental offices are even more attractive targets for criminal hackers .
This is a growing problem in the dental space . Some common themes that we have seen in these attacks against practices are :
1 . Each practice thought they were protected by their IT company .
2 . Every practice had a firewall and anti-virus software .
3 . The recovery costs and practice interruption resulted in practices spending in excess of $ 100,000 .
4 . All local backups were encrypted with ransomware and many of the Cloud backups were destroyed by the hackers .
5 . Most systems had been compromised for days or even weeks prior to the IT company or practice ever knowing that they had been breached .
As a dentist , you are a specialist in your field . Black Talon Security is a specialist in cybersecurity . It is important to understand that IT companies are not cybersecurity companies . Relying strictly on your IT company may ultimately result in a disaster that could have easily been avoided . It is critical for you to understand the importance of engaging with a company who specializes in security .
Taking the next step and engaging with a dedicated cybersecurity company is easier and less expensive than you think . There are companies who offer affordable , effective security solutions that add the necessary layer of protection that practices should have in place to protect themselves and their patients . At a minimum , any company who you would consider working with should offer the following four pillars of an effective security solution :
1 . Cybersecurity Audit - A complete audit of your operations , technology , policies , and procedures .
2 . Vulnerability Management - This will help to manage vulnerabilities that exist on your network . These vulnerabilities are present on everyone ’ s network and are what hackers use to gain access to your data .
3 . Cybersecurity Awareness Training - This helps further educate you and your employees to better understand the risks that exist to your practice . It empowers them with the knowledge to help them minimize these risks .
4 . Penetration Testing - Penetration tests ( done by ethical hackers ) should be performed against your network on ( at least ) an annual basis .
Why not begin 2021 with empowerment and take the necessary steps to protect your practice ? Let ’ s take some of the power away from the ruthless cybercriminals who have wreaked havoc against the health care and dental industry in 2020 .
You are not powerless . You can avoid becoming a victim by learning how you can be proactive and protect your patients and your practice from a cyberattack . It ’ s not IF it will happen to you , but WHEN . Let us help you avoid being the next victim .
MARCH / APRIL 2021 | PENNSYLVANIA DENTAL JOURNAL 13