15 Apr ITIL best practices the ultimate backstop for hospital cybersecurity, research CEO says
Healthcare entities that want to be well positioned against cybersecurity threats must know what resources they have, how those are configured, and tightly control any changes, IT Process Institute chief executive Scott Alldridge said.
IT Process Institute CEO Scott Allridge has cybersecurity advice for healthcare executives: Consider ITIL, the framework formerly known as the Information Technology Infrastructure Library.
“Following ITIL best practices becomes the ultimate backstop for your security posture,” said Scott Alldridge, CEO of the IT Process Institute, a research firm that studies top-performing organizations and best practices.
Despite all the money healthcare organizations spend on security tools, such as firewalls, intrusion detection and prevention systems and email security it is becoming painfully clear — especially in light of the ongoing ransomware attacks — that executives and employees are the biggest threat.
“People are being phished and enable viruses and encryption piracy tactics,” Alldridge said. “As a result, we have to go deeper than technology solutions and have great detective-based and best practices-based controls, and better social engineering around awareness, because if a hacker can phish a person or become a person’s connection, then a threat becomes very difficult to detect.”