The 10 Most Influential Multispeciality Hospitals
Cyber-security in Care
emails. Hence, they follow the time strictly and trick
victims.
CEO Phishing
At times, attackers also launch spear phishing attacks
against corporate executives within a company. If they
can get into the network, the attackers can lie low for
months, collecting data on email flows. Once they have
enough information, they pose as a top-ranking
executive and carry out their schemes. This is termed
‘CEO Phishing’, which is the ultimate authority scam.
Phishing schemes involve impersonating an authority
figure, and CEO Phishing is the best example of this.
What better option does the attacker have than holding
the authority of a CEO? In such a case, the attackers
could pose as the CEO and direct the CFO to wire
money to a supplier, which is in fact an account set up
by the attackers.
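One way a mail gateway or SOC script could flag the executive impersonation described above, as an added example that is not part of the original article. The organisation domain, executive names, keyword list and both sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this example (not from the article).
ORG_DOMAIN = "hospital.example"
EXECUTIVES = {"jane doe", "ravi kumar"}
PAYMENT_WORDS = ("wire", "transfer", "payment", "invoice", "bank account")

def domain_of(header_value):
    """Return the lower-cased domain of the address in a From/Reply-To header."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def ceo_phish_signals(raw_message):
    """Return the impersonation signals found in one raw email."""
    msg = message_from_string(raw_message)
    display, _ = parseaddr(msg.get("From", ""))
    from_domain = domain_of(msg.get("From"))
    signals = []
    # An executive's name attached to an address outside the organisation.
    if display.strip().lower() in EXECUTIVES and from_domain != ORG_DOMAIN:
        signals.append("executive display name on external address")
    # Replies silently routed to a different domain than the visible sender.
    reply_to = msg.get("Reply-To")
    if reply_to and domain_of(reply_to) != from_domain:
        signals.append("Reply-To domain differs from From domain")
    # DMARC verdict recorded by the receiving server (Authentication-Results).
    if "dmarc=fail" in msg.get("Authentication-Results", "").lower():
        signals.append("DMARC failed")
    # A payment request only matters here if the sender already looks wrong.
    body = msg.get_payload()
    text = (msg.get("Subject", "") + " " + (body if isinstance(body, str) else "")).lower()
    if signals and any(word in text for word in PAYMENT_WORDS):
        signals.append("payment request from suspicious sender")
    return signals

# Constructed sample messages.
SPOOFED = """From: Jane Doe <jane.doe@ceo-mail.example>
Reply-To: accounts@payments.example
Subject: Urgent wire transfer
Authentication-Results: mx.hospital.example; dmarc=fail header.from=ceo-mail.example

Please wire the supplier payment today. Reply by email only.
"""
LEGIT = """From: Jane Doe <jane.doe@hospital.example>
Subject: Quarterly invoice review
Authentication-Results: mx.hospital.example; dmarc=pass header.from=hospital.example

Please review the invoice summary before Friday.
"""
```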
Effective Training Can Resolve the Issue
Employee training is considered one of the best ways
to fight phishing, and it should be conducted
frequently. The training should be impactful, timely, relevant,
and robust in the case of employees handling patients’
digital healthcare data. Arranging such sessions
once a year is not enough to combat phishing,
so such sessions should be organized often.
The training should focus on teaching employees to look
for every minute detail of a phishing attack and what not
to click on in an unsolicited email. This is because email
is considered the most frustrating thing, as it easily
opens the door for malicious attacks.
Best Security Tools
Tools such as Domain-based Message Authentication,
Reporting, and Conformance (DMARC) protocol
March 2019