Boston Children’s Hospital narrowly averted catastrophe after a U.S. intelligence agency warned the FBI that mercenaries hired by the Iranian government had begun a cyberattack abusing one of their system’s security vulnerability. In recent remarks at a Boston College cyber security conference, FBI Director Chrisopher Wray discussed how the FBI worked with Children’s Hospital to thwart an attack using a software security vulnerability. Wray noted that his agency’s prior relationship with Boston Children’s Hospital was an important factor in stopping the attack.
Don’t Expect the FBI to Provide Your Cyber Security
In this case, Boston Children’s Hospital was lucky on two fronts. First, a U.S. intelligence agency identified the cyber threat and informed the FBI about the attack. Second, the FBI had the means to reach out to Boston Children’s Hospital and coordinate a response.
Odds are exceptionally high that your organization does not have a cyber security awareness relationship with the FBI. Would you even take an email claiming to come from the FBI seriously? Should you take an email claiming to come from the FBI seriously?
The simple truth is that only a handful of very high-profile enterprises, along with a group of government, private enterprise and health care organizations that have previously been targeted by hackers, have any kind of a relationship with government officials. For health care providers, first responders and utility companies that protect or provide public health infrastructure, cyber security training, recognizing each security vulnerability, and a cyber security plan are essential.
Know That You Are a Target, Act Accordingly – Address each Security Vulnerability
You can no longer wonder, “Who would attack a children’s hospital?” or “Who would attack a town water supplier?” You need instead to ask, “What can I do to make sure I’m not a victim?” As Boston Children’s Hospital learned, the answer goes beyond installing highly rated security software or taking out a cyber insurance policy.
Small business, small health care providers and small communities need to invest in cyber security training, anti-phishing training and executive-level security consulting of that a fractional CISO can provide. Protect Now specializes in developing comprehensive cyber security training programs for small organizations that interact with the public, or that rely on legacy systems. Contact us to speak to a cyber security expert and take the next steps toward protecting your organization, your clients and the public.
Written by Robert Siciliano, CEO of Credit Parent, Head of Training & Security Awareness Expert at Protect Now, #1 Best Selling Amazon author, Media Personality & Architect of CSI Protection Certification.