Pharmacy Data Security In A Hack-Filled World – Insurica, Protection from Malware and Ransomware Attacks – Monthly Mastermind September 2021

Learn how to protect your pharmacy from malware and ransomware attacks.

Pharmacy Data Security In A Hack-Filled World – Insurica, Protection from Malware and Ransomware Attacks

Are you 100% confident your infrastructure could withstand a cyber attack? How about being able to recover financially?

We live in a hack-filled, ransomware world.

Get critical information from Insurica to help protect your pharmacy. https://go.insurica.com/pharmacy

Summary:

Lisa Faast and her team discussed the growing threat of cyber attacks on pharmacies, emphasizing the importance of cybersecurity. Devon Hardin introduced Ryan Kusev, Insurca’s cyber expert, who detailed the risks, including data breaches, malware attacks, and funds transfer fraud. Ryan highlighted the significant financial and reputational impacts, such as a $2.6 million cost for a hospital to recover from a malware attack and the $20 billion global cost of ransomware in 2021. He stressed the need for specialized cyber insurance to cover costs, provide incident response, and mitigate risks. Lisa also addressed the importance of employee training and proper backup systems.

Action Items

• Visit go.insurica.com/pharmacy to learn more about cyber insurance options and have current coverage reviewed.
• Contact Insurica before any breach occurs to discuss cyber insurance needs and coverage gaps.

Need

• Data breaches and ransomware attacks are major risks for healthcare providers.
• Healthcare takes an average of 200 days to detect a data breach and 90 days for containment.
• Malware attacks can cause system damage and business interruption costs.
• Funds transfer fraud is an emerging risk for healthcare centers.
• Pharmacies may not have enough funds on hand to deal with cyber attacks.

Questions

• Where to get training for employees to prevent cyber attacks.
• Whether on-site physical backups are necessary or if cloud backups are sufficient.
• Whether cyber attacks are covered by standard business protection policies.
• If insurance providers help with setting up and auditing cybersecurity systems.
• How fines are determined in case of a data breach.

Sentiment

• The overall tone of the call was neutral to positive. The speakers provided informative content about cybersecurity risks and insurance options for pharmacies, and the host expressed appreciation for the information shared.

Outline

Introduction to the Monthly Mastermind Meeting

• Lisa Faast introduces the monthly mastermind meeting, emphasizing its deep dive into timely topics relevant to pharmacy owners.
• Lisa highlights the importance of understanding cybersecurity, especially in light of recent hacking incidents.
• Lisa introduces Devon Hardin, a property and casualty agent, and Ryan Kusev, the resident cyber expert at Insurca.
• Devon Hardin provides a brief introduction of the team, including Ryan Kusev and Julia Hester, who will be discussing cybersecurity.

Overview of Cybersecurity Risks in Healthcare

• Ryan Kusev begins the presentation by discussing the risks in the healthcare sector, particularly data breaches.
• Ryan explains that healthcare providers hold large amounts of sensitive information, making them attractive targets for cybercriminals.
• He mentions the average time to detect and contain a data breach in healthcare, which is 200 days and 90 days, respectively.
• Ryan highlights the financial and reputational impacts of data breaches, including HIPAA regulations, notification requirements, and fines.

Types of Cyber Attacks and Their Impact

• Ryan discusses malware attacks, which cause system damage and business interruption costs, leading to reputational harm.
• He explains that cybercriminals often seek money from businesses, but sometimes attack for the fun of it.
• Ryan introduces an emerging risk: funds transfer fraud, which involves phishing emails to dupe healthcare providers into transferring money to fraudulent accounts.
• Ryan provides case studies of data breaches and malware attacks, illustrating the devastating impacts on healthcare providers.

Case Studies of Cyber Attacks

• Ryan describes a ransomware attack on a medical service provider, encrypting 120 workstations and 15 servers, making patient records inaccessible.
• The IT vendor was able to wipe the ransomware, but the forensic analysis was impossible due to the attack.
• The medical service provider had to notify 100,000 patients, incurring significant costs for notification and investigation.
• Ryan emphasizes the importance of engaging a cyber insurance provider immediately after an attack to preserve evidence and minimize costs.

Impact of Malware Attacks on Hospitals

• Ryan discusses a large-scale malware attack on a hospital, rendering devices and servers inoperable and making patient data inaccessible.
• The hospital had to hire additional nurses and declare a red alert, leading to longer wait times and patient transfers.
• The hospital incurred significant costs in system damage, business interruption, and hiring additional staff.
• Ryan highlights the importance of having a cyber policy to cover these costs and provide access to experts and forensic specialists.

Coverage and Benefits of Cyber Insurance

• Ryan outlines the coverage highlights of cyber policies, including incident response, cybercrime, business interruption, and HIPAA compliance.
• He explains that cyber policies provide access to forensic specialists, PR firms, and lawyers, often with no deductible to the insured.
• Ryan emphasizes the importance of having a cyber policy to cover gaps in traditional business policies.
• He mentions the increasing frequency and severity of cyber attacks, with ransomware demands and costs escalating significantly in recent years.

Q&A Session with Ryan Kusev

• Lisa Faast asks about training for employees to prevent phishing attacks, and Ryan recommends cyber insurance policies that offer discounted or free training.
• Lisa inquires about backup solutions, and Ryan explains the importance of off-site backups, either on-site or in the cloud, protected with a VPN.
• Lisa asks about the coverage gaps in traditional business policies, and Ryan explains that cyber policies fill these gaps, covering electronic data, hardware, and data.
• Julia Hester adds that healthcare providers are often targeted more due to the value of their data, and traditional policies may exclude HIPAA claims.

Final Thoughts and Recommendations

• Ryan Kusev concludes his presentation by emphasizing the importance of having a cyber policy to respond to and recover from cyber attacks.
• He highlights the need for emergency response services and financial coverage in today’s rapidly evolving cyber insurance market.
• Lisa Faast thanks the team and encourages pharmacy owners to use Insurca as a trusted resource for cybersecurity advice and coverage.
• Lisa provides the website for Insurca, inviting pharmacy owners to learn more and assess their current coverage.