The Devil in the Details? Put Cybersecurity First!
By Stephen Trout, , HIPAA Blog, Security, Uncategorized

Frank: “Hey, when the devil shows up, you think he’s gonna have little red horns and carry a pitchfork? No, he’s gonna work for Amnesty International, and he’s gonna give all his money to the homeless…”

Bertram: “Well, if he did all that, wouldn’t he lose the title ‘the devil’”?

   – from the film Ghost Town

It doesn’t need to be Halloween – or even Cybersecurity Awareness Month – to enjoy a great movie with a lot of heart. And if the main character happens to be a people-hating dentist (Rickey Gervais) who sees dead people, you’re in for a real treat and plenty of laughs – just be sure to bring some tissues.  

For Cyber Awareness Month (believe it or not), there’s a parallel. Like the devil mentioned in the lines above, we’re reminded how a hacker primarily fools his victims: pretend to be something you’re not

It’s why a devil prefers to look like an angel; if he showed up in true form, the jig would be up, right? 

Hackers know that too – which is why they’ll wear a mask (no, it won’t be the scary jumpsuit from Squid Game, or Michael Myers) – but it could look like: 

  • your own CEO, sending you an “urgent to-do list.”
  • a reputable business (your bank, Facebook, or even a favorite business or department store), with an email offer so appealing, you simply can’t refuse. 

Either way, before you know it, you’re caught up in your own (cyber) horror show.

Pretending to be what you’re not is the essence of social engineering, and hackers have it down to a science. Like Count Dracula, they’ll appear legit (except in a mirror) – only to later climb in a window, or come right through the door you left open and suck you dry. 

Cybersecurity First

Acknowledging that there are devils-in-disguise out there (or even within) who crave your data is an apt reminder; and because “God is in the details” – likely the original phrase – we can prioritize the welfare of others by putting cybersecurity first.

But Cybersecurity First isn’t just a mandate for your IT team; it extends to us all:  

  • Developers – Are you designing a new website or app? Think security first! Especially if it will handle protected health information, you will need to design security into your products and processes. HIPAA compliance and data protections can’t be an after-thought, but must be built-in, from the design phase on.   
  • Healthcare Businesses – Cybersecurity training must be part of employee onboarding. All staff should have cyber-awareness (including phishing) training to recognize threats. Equip everyone with the tools they’ll need to keep sensitive data – and the organization – safe. 
  • Individuals – As the National Cybersecurity Alliance notes, “keep cybersecurity at the forefront of your mind as you connect daily. Before purchasing a device or online product, do your research. When you set up a new device or app, consider your security and privacy settings and update default passwords. Cybersecurity should not be an afterthought.”

Take Action Now!

No one ever imagines they’ll be in a horror movie – especially the kind with lawsuits from patients who’ve had their data compromised, or significant HIPAA fines, or even millions in ransomware and mitigation costs. 

Rose-colored glasses and distractions might help you temporarily forget, but the truth is still out there. When the masks are removed and you find out you’ve been hacked, you’ll have a devil of a time trying to recover.

The good news is, you can put a stake in the heart of the hacker monster today. Strong passwords, updating your software, and implementing two-factor authentication will go far in keeping most attacks at bay. 

As a proven healthcare cloud expert, HIPAA Vault can also help you stay on top of the latest threats to your healthcare data. We apply the latest cyber-protections and fully managed security to help keep you from a devastating data breach.

You’ll rest easier (even on Halloween) knowing we’re on the job, 24/7. To learn how we can help you slay the monster and protect your business, give us a call! 760-290-3460.

Trust HIPAA Vault to provide the safe communications & positive patient experiences that you expect! All our solutions are designed to protect you from costly HIPAA violations and fines, and data breaches that can ruin your business reputation. Our fully-managed security is designed to limit your liability and bring peace of mind!