As threat actors continue to evolve their attacks to circumvent security measures, cyber insurers are raising the bar for prospective healthcare security clients. Underwriters are increasing their scrutiny and adding new coverage requirements, said Chris Henderson of cybersecurity company Huntress.
The new requirements include ensuring that help desk staff take extra steps to verify the identity of individuals requesting account resets, as well as a number of other measures, said Henderson, senior director of threat operations at Huntress.
“You still see them looking for things like multifactor authentication on accounts, asking, ‘How many administrators do you have? How do you lock down those administrative accounts?’” he said.
“Last year, the groups like Lapsus$ really made a name for themselves by compromising some of the most major names in the Fortune 100 – and the tactics that they used primarily were just social engineering,” he said. “These were not exploits of vulnerabilities that were unpatched. They were largely not even technical in nature. It was humans convincing other humans to provide them access.”
Based on these kinds of attack trends, “you see the cyber insurance industry pivoting and their underwriters are asking about the practices that the healthcare industry is taking in order to ensure that these steps are being followed.”
In this audio interview with Information Security Media Group, Henderson also discussed:
- How the regulatory landscape in healthcare cybersecurity tracks with what cyber insurers are requiring;
- Cyber insurance premium trends;
- Evolving cybercrime groups and affiliates threatening the healthcare sector.
Henderson runs threat operations and internal security at Huntress. He has been securing MSPs and their clients for over 10 years through various roles in software quality assurance, business intelligence and information security.