The Top Strategies to Enhance Cyber Resiliency in Your DSO Using KPIs


As cyberattacks against the dental community continue to increase at an alarming rate, it is crucial for DSO organizations to focus on their cyber resiliency. Hacking groups worldwide are actively targeting any business that stores valuable patient records. A breach can lead not only to serious financial and compliance issues but also to severe reputational damage for a DSO, regardless of its size. Here are the top strategies to strengthen your DSO's resilience using KPIs:

1. Empower Employees to Be Cyber Defenders


Human error is the leading cause of breaches, and cybersecurity awareness training is a crucial component of an organization's overall security strategy for increasing cyber resilience. It involves educating and empowering employees about the various types of cyber threats they might encounter and equipping them with the knowledge and skills to recognize, avoid, and respond to these threats effectively. The goal is to foster a security-conscious culture within the organization, where every employee understands their role in protecting the organization's information assets. Conducting regular simulated phishing tests reinforces this training and lets employees apply what they have learned to real-looking threats.

KPIs for a successful training implementation:

Training Completion Rate: Percentage of employees who have completed the cybersecurity awareness training. DSOs should strive for a completion rate of at least 97% within 30 days of launch. Track this monthly so that new hires are accounted for.

Phishing Simulation Success Rate: Percentage of employees who correctly identify and report simulated phishing attempts. Track this at least quarterly and strive for a success rate of at least 95%.

2. Conduct Ongoing Vulnerability Scans and Track Remediation Efforts

The exploitation of technical vulnerabilities is the second most common way that hackers successfully target healthcare organizations. Vulnerability scans are a way for you to be aware of your wide-open “doors and windows” before a hacker finds them. Using continuous vulnerability scanning tools helps identify weaknesses before they can be exploited by hackers. Vulnerability scans should be performed DAILY against your entire IT infrastructure, including all workstations, servers, firewalls, and IoT devices. Risk prioritization and remediation of these vulnerabilities is critical.

KPIs for successful vulnerability management:

Number of Vulnerabilities Detected: Total count of vulnerabilities identified during each AUTHENTICATED scan. On average, a computer or server should have no more than eight high-risk vulnerabilities. Track this monthly over a 12-month period to show the net increase or decrease; the trend shows how well your team is addressing risk.

Time to Remediate: The average time taken to fix identified vulnerabilities. Actively exploited vulnerabilities should not exceed 5 days. The time to remediate a high-risk vulnerability should not exceed 14 days. Medium-risk vulnerabilities should not exceed 30 days.

External Vulnerabilities: Total number of vulnerabilities on firewalls. Firewalls should be scanned daily, and the target is zero vulnerabilities.
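As an added example (not from the article or from any vendor named in it), here is a small Python KPI checker that applies the remediation targets above to constructed scan results: the per-severity time-to-remediate limits, the eight-open-highs-per-host limit, the zero-findings target for firewalls, and the month-over-month open-finding trend. The record fields, severity labels and host names are assumptions.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import date
from typing import Optional
# Targets from the article: 5d if exploited, 14d high, 30d medium; <=8 open highs per host; 0 on firewalls.
SLA_DAYS = {"high": 14, "medium": 30}
EXPLOITED_SLA_DAYS = 5
MAX_HIGH_PER_HOST = 8
@dataclass
class Finding:
    host: str
    asset: str                          # "workstation", "server", "firewall", "iot" (assumed labels)
    severity: str                       # "high", "medium", "low" (assumed labels)
    detected: date
    remediated: Optional[date] = None   # None = still open
    exploited: bool = False             # known to be actively exploited

def is_open(f: Finding, when: date) -> bool:
    return f.detected <= when and (f.remediated is None or f.remediated > when)

def sla_days(f: Finding) -> Optional[int]:
    return EXPLOITED_SLA_DAYS if f.exploited else SLA_DAYS.get(f.severity)

def age_days(f: Finding, as_of: date) -> int:
    # Days from detection to fix, or to the report date if the finding is still open.
    return ((f.remediated or as_of) - f.detected).days

def sla_breaches(findings, as_of: date) -> list:
    """Findings fixed late or still open past their deadline (low severity has no SLA here)."""
    return [f for f in findings if sla_days(f) is not None and age_days(f, as_of) > sla_days(f)]

def hosts_over_high_limit(findings, as_of: date) -> dict:
    counts = Counter(f.host for f in findings if f.severity == "high" and is_open(f, as_of))
    return {h: n for h, n in counts.items() if n > MAX_HIGH_PER_HOST}

def open_external(findings, as_of: date) -> int:
    return sum(1 for f in findings if f.asset == "firewall" and is_open(f, as_of))

def monthly_open_trend(findings, month_ends) -> list:
    """Open findings at each month end; first vs. last gives the net change over the period."""
    return [sum(1 for f in findings if is_open(f, m)) for m in month_ends]

SAMPLE = [  # constructed sample scan output, not real data
    Finding("srv-01", "server", "high", date(2024, 5, 1), date(2024, 5, 10)),        # fixed in 9 days
    Finding("srv-01", "server", "high", date(2024, 5, 1), date(2024, 5, 20)),        # 19 days: late
    Finding("srv-02", "server", "high", date(2024, 5, 3), date(2024, 5, 12), True),  # exploited, 9 days: late
    Finding("fw-01", "firewall", "medium", date(2024, 5, 20)),                       # open on a firewall
    Finding("ws-03", "workstation", "low", date(2024, 4, 15)),                       # low: no SLA
] + [Finding("ws-07", "workstation", "high", date(2024, 5, 1)) for _ in range(9)]   # nine open highs
AS_OF, MONTH_ENDS = date(2024, 5, 31), [date(2024, 4, 30), date(2024, 5, 31)]
```

Feeding real scanner exports into `Finding` records turns the article's targets into a monthly pass/fail report per host and per office.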

3. Implement Advanced XDR and MDR Anti-Virus Technologies

Traditional anti-virus (AV) software has been a great tool for the past 30 years to defend organizations. However, it is not designed to protect DSOs from modern-day cyberattacks. The criminal groups that target healthcare organizations are well-funded, sophisticated, tech-savvy gangs. They have copies of most of the AV products on the market and know how to re-engineer their malicious code until it becomes invisible to traditional AV.

Upgrading your defense to Extended Detection and Response (XDR) or Managed Detection and Response (MDR) can greatly increase your chances of fending off an attack. XDR and MDR use advanced analytics, machine learning algorithms and threat intelligence feeds to detect and prioritize security threats, isolate endpoints and alert whoever is responsible for network monitoring. An effective MDR solution should include 24/7 monitoring by a human security professional. Trained security personnel should always be available to investigate when a tool is "sounding an alarm" and asking for help.

KPIs for MDR protection:

Mean Time to Detect (MTTD): Average time taken to identify a threat from the moment it enters the system. Malicious code should be detected in under a second. Malicious activity should be detected within 3 minutes.

Mean Time to Respond (MTTR): Average time taken to respond to and mitigate identified threats. Depending on the severity of the event, this should be a fraction of a second when MDR technology responds automatically, or a few hours if the response requires significant human intervention and investigation.

4. Security Risk Assessments

Engage a third-party expert to perform a security risk assessment of your DSO. This assessment should involve a thorough analysis of your organization's security posture, including the identification of threats, vulnerabilities, operational risk, and missing controls and SOPs. The third party will provide you with a risk register, guidance on prioritizing risks by their potential impact, and recommendations for appropriate mitigation strategies and controls to address the identified risks.

KPIs for successful security risk assessment improvement strategies:

Risk Mitigation Progress: Percentage of identified risks that have been mitigated or are in the process of being mitigated. Strive for a 75% reduction in high-risk vulnerabilities over a 3-month period and 100% over a six-month period, and a 50% reduction in medium-risk vulnerabilities over a 12-month period.

5. Commit to Implementing and Validating


Once you have committed to implementing these top strategies, you must verify that the money you are spending on protection is being used effectively. Modern security professionals are looking for ways to reduce redundant toolsets, increase visibility into their blind spots and monitor from a "single pane of glass."

All stakeholders are responsible for contributing to building a cyber-resilient organization. There are new technologies available that provide complete visibility into your DSO’s entire security posture, using BI and KPIs.

Cyber resilient DSOs monitor and track these KPIs:

  1. Cybersecurity awareness training completion and success
  2. Simulated phishing results
  3. Internal and external vulnerability identification and mitigation
  4. Internal and external IT efforts to minimize cyber risk within the organization
  5. Your cyber risk score over time, for individual office locations and for the organization as a whole



🚨 Recent notable healthcare cyber incidents:

New Jersey Oral & Maxillofacial Surgery has notified 74,413 patients that some of their protected health information has been stolen in a cyberattack. A security incident was detected on May 14, 2024, and the investigation confirmed that there had been unauthorized access to its computer systems starting on or around April 19, 2024. New Jersey Oral Surgery immediately initiated its incident response procedures and worked quickly to secure its systems to prevent further unauthorized access.

The investigation confirmed that an unauthorized third party accessed the network and acquired certain files from its computer systems. The review of the exposed files confirmed that they contained patient information including names, addresses, dates of birth, other demographic and contact information, Social Security numbers, driver’s license numbers, state ID numbers, insurance information, financial account information, and diagnosis and treatment information.


First Choice Dental of Wisconsin confirmed it notified 227,287 people about an October 2023 data breach. The breach exposed names, Social Security numbers, dates of birth, driver's license numbers, passport numbers, government ID numbers, credit and debit card numbers, financial account numbers, and health information. No one has claimed responsibility for the attack as of the time of writing, and the ransom amount has not been disclosed. Founded in 1996, First Choice Dental is a chain of 12 dental clinics in Wisconsin, covering Madison and surrounding Dane County.


New York-based Aire Dental Arts has issued a notice of a data breach. In June 2024, Aire Dental became aware that certain computer systems in its environment were inaccessible as a result of malicious file encryption. Aire Dental immediately launched an extensive investigation, aided by third-party computer forensic specialists, to determine the nature and scope of the event, and worked quickly to secure its systems, restore access to the information and investigate what happened. Through the investigation, Aire Dental determined that a threat actor gained access to a limited number of its systems and that certain files in those systems were accessed.


Dental Cyber Watch is sponsored by Black Talon Security, the recognized cybersecurity leader in the dental/DSO industry and a proud partner of Group Dentistry Now. With deep roots within the dental and dental specialty segments, Black Talon understands the unique needs that DSOs and dental groups have when it comes to securing patient and other sensitive data from hackers. Black Talon’s mission is to protect all businesses from the devastating effects caused by cyberattacks—and that begins with a robust cyber risk mitigation strategy. To evaluate your group’s current security posture visit www.blacktalonsecurity.com.



Have a cybersecurity question or concern that you would like addressed in future Dental Cyber Watch articles? Please email it to info@groupdentistrynow.com.
