protecting ephi: log monitoring & hipaa | controlscan
TRANSCRIPT
Early Detection is Key:
Log Monitoring's Role Under HIPAA
PRESENTATION
PREVIEW
A Perfect Storm is Brewing in Healthcare
Steve RobbSVP, Security Marketing & Products
ControlScan
Harrison MidkiffSales Engineer
LogRhythm
Marc PunziruduManager, Security Consulting Services
ControlScan
COMPANY CONFIDENTIAL
The Growing Cyber Threat to Healthcare
The Modern Cyber Threat Pandemic
$7 to $8Cloud Accounts
$50per Healthcare Record
WELL-ESTABLISHED CYBER-CRIME ECONOMY
MOTIVATED AND WELL-FUNDED THREAT ACTORS
Terrorists Nation States
MaliciousInsiders
HacktivistsOrganizedCrime
CREATIVE AND SOPHISTICATED ATTACKS
Zero-Day Exploits
CustomMalware
Social Engineering
Physical Compromise
Spear-Phishing
EXPANDING ATTACK SURFACE
Endpoint Network Cloud and SaaS
MobileDevices
Users IoT
$0.50 to $20Credit Card Number,E-mail Accounts (per 1000)
Up to $3,500Custom Malware
Up to $1,000 / dayDDoS Attack
DDoS
MODERNTHREAT
LANDSCAPE
Source Symantec, Underground black market: Thriving trade in stolen data, malware, and attack services. December 10, 2014; Medscape, Stolen EHR Charts Sell for $50 Each on Black Market, April 28, 2014
The Healthcare Industry is Not Immune!
Early breaches tied to
carelessness and petty theft……and ransom demands
• $17,000 ransom
• Mac McMillan, CEO - “It's easy to stand on principle when
you are not the one looking down the barrel of the ransom
demand."
Hollywood Presbyterian Medical Center
Latest breaches organized around
data harvesting…
• As many as 4.5 million patient records
• Could have started as early as September 2014
UCLA Medical Center
COMPANY CONFIDENTIAL
Establishing a Security Strategy
Log Monitoring Within the Healthcare Industry
LogRhythm Security Intelligence Platform
Nurse Station
Radiology Pharmacy
Oncology
EHR
BiomedDevice
5 Arguments for Security as a Service
Eyes on Security
Continuous monitoring
Shared insight
Rapid response
Solution Evolution
Scalable with business
Adaptable to threats
Growth in capability
Best Practices,
Proven Processes
Predictable deployments
Dependable operations
Consistent SLAs
Access to Experts
On-demand security talent
Integrated compliance knowledge
Leveraged experience
Financial Flex
Minimal up-front investment
Reduced hiring/retention costs
Fractional SOC costs
Q&A + Learn More
ControlScan.com
800-825-3301, ext. 2
Be social with us!
Access the complete presentation at:
https://www.controlscan.com/log-monitoring-under-hipaa/