Whether you are avid followers of Group Dentistry Now’s Cyber Watch series or just an occasional reader, you’re likely aware of the escalating cyber threats that DSOs are facing. Many leaders understand the importance of enhancing their security to combat these sophisticated threats, but often struggle to do so within existing budget constraints. This article offers some practical strategies for strengthening your cybersecurity posture without the need to compromise or increase budget.

The 3 Rs

Replace all Relics and Redundancies.

For any CTO, CIO, or tech leader, the first step is assessing your existing cybersecurity infrastructure. You need to start by identifying any outdated systems, ineffective processes and redundant technologies. This may require letting go of technologies that you have relied on for years — such as traditional anti-virus (AV) software — to implement more advanced solutions like endpoint detection and response (EDR) or managed detection and response (MDR).

Traditional AV is largely ineffective against modern day ransomware and even the newest version of any traditional AV is still based on antiquated technology. DSOs who utilize different versions of AV across locations or have multiple managed service providers (MSPs) deploying their preferred AV solutions are likely overspending for outdated technology that does little to protect them. It may actually be less expensive for your organization to replace this outdated technology with more modern tech includes 24/7/365 monitoring by human security experts. Transitioning to a single EDR/MDR solution not only will enhance your security and improve standardization but may also reduce cost by consolidating and modernizing your security stack.

Guided Prioritization to Maximize Resources

Attracting and retaining qualified technical professionals is an ever-growing challenge with the talent shortage. Most internal tech teams are stretched too thin simply managing basic operations such as maintaining networks, replacing computers, and putting out fires. Often, this leads to a heavy dependence on external MSPs to supplement internal staff, only adding to the complexity when attempting to standardize processes and improve data security. Tech leaders need to be able to effectively prioritize initiatives to protect the organization within the resource constraints of time, budget, and manpower they are up against.

New technologies exist that can automatically identify vulnerabilities across your network and prioritize them based on risk severity levels. These solutions also have the ability to autonomously remediate most of the high-risk vulnerabilities that it detects. Think of it as a tool that enables your network to “Self-Heal”. The exploitation of these technical vulnerabilities is the second most common methodology that hackers use to deliver ransomware. By addressing the most common exploits, this tool significantly reduces your security risk and automates the patching process to boost efficiency, standardization, and protection.

Security stack improvements such as this can aid leaders figuring out how to do more with fewer resources. Empower your tech team — whether internal, external, or a mix of both — to focus their efforts on high-priority security flaws without increasing headcount.

Achieving Affordable, Effective Cybersecurity

Strengthening your cybersecurity program doesn’t have to break the bank — and is far more affordable than you may think. By removing outdated technologies, eliminating redundancies and adopting modern integrated solutions, most DSOs can enhance their security and compliance without increasing their budget. When evaluating the need to replace outdated tech with more modern solutions, note it is typically a replacement cost and not a new cost. Plus, adding powerful automation into your tech stack is certain to improve your security posture while potentially reducing your labor / IT spend.

These savings can allow you to reallocate resources and take a more sophisticated approach to information security. Partnering with a cybersecurity firm who uniquely understands how to defend DSOs from the latest threats can help ensure robust protection and provide a seamless implementation process with no interruptions or integration headaches within your practices.

---

🚨Recent notable healthcare cyber incidents:

GPS Sango Family Dentistry, PLLC reported to the U.S. Department of Health and Human Services that it had experienced a data breach impacting 27,000 employees and patients. According to an online notice on Sango Family Dentistry’s website, an investigation into unusual activity on the company’s systems determined that an unauthorized party extracted data from its network on or around August 27, 2024. The potentially affected information varied by individual and included names, Social Security numbers, driver’s license or state ID numbers, dates of birth, medical information, diagnoses and diagnosis codes, treatment information, provider names, health insurance information, billing/claim details, health benefit plan numbers, and subscriber member numbers. On October 21, 2024, the company began sending notice of the Sango Family Dentistry data breach to affected individuals for whom it had identifiable home address information.

---

In October, 2024, Smile Design Management, which operates dozens of dental clinics throughout Florida, reported to the U.S. Department of Health and Human Services (HHS) that it was the victim of a hacking/IT incident. In a notice posted to its website, Smile Design stated that it identified unusual network activity concerning third-party software on February 22, 2024. An investigation revealed unauthorized access to certain files within Smile Design’s network occurred between February 22 and February 23, 2024. The company’s online notice does not state the specific type of information that was compromised in the Smile Design Management data breach. However, entities covered by the Health Insurance Portability and Accountability Act (HIPAA) are required to report certain breaches involving protected health information to the HHS Secretary.

---

Fortinet warns of critical vulnerability in FortiManager underactive exploitation. FortiManager is a management tool designed for controlling various FortiGate network and security appliances such as firewalls and VPNs. Threat actors often target network devices due to the insights they provide about an organization’s overall network environment and the opportunities for additional post-exploitation activities. Organizations with public-facing FortiManager instances should check for indicators of compromise as soon as possible.

Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager (FGFM) protocol. “A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests,” the company said. No less than 50 potentially compromised FortiManager devices across various industries have been identified to date, with evidence of exploitation dating back to June 27, 2024. Data shared by attack surface management company Censys has revealed that there are 4,081 exposed FortiManager admin portals online, with nearly 30% of them located in the U.S. Roughly 20% of the publicly-accessible instances are associated with Microsoft Cloud.

---

Dental Cyber Watch is sponsored by Black Talon Security, the recognized cybersecurity leader in the dental/DSO industry and a proud partner of Group Dentistry Now. With deep roots within the dental and dental specialty segments, Black Talon understands the unique needs that DSOs and dental groups have when it comes to securing patient and other sensitive data from hackers. Black Talon’s mission is to protect all businesses from the devastating effects caused by cyberattacks—and that begins with a robust cyber risk mitigation strategy. To evaluate your group’s current security posture visit www.blacktalonsecurity.com.