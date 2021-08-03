You’re doing good. Our job as a defensive cybersecurity company is to protect hospitals and health systems. In doing so we’re protecting both organizations from cyber attacks, as well as patient safety and privacy.

Leon Lerman is the co-founder and CEO of Cynerio, Inc., a full-suite Healthcare IoT platform that enables healthcare providers to secure patient data and connected devices against cyber threats. He has over 15 years of experience in innovative technology development, served in Israel’s elite Unit 8200 cyber technology division, has served as a trusted security advisor to Fortune 500 companies, and has earned international recognition for excellence in the cybersecurity industry.

Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.

As an Israeli citizen, I served in the National military service. Since I had always had an interest in computers, I found a perfect fit working in the intelligence corps, where I was exposed to a wide variety of cybersecurity capabilities. Once I completed my service, it made sense that I would continue my cybersecurity journey, but this time I decided to move from the offensive side to the defensive side. However, after a tenure of protecting bank systems and databases from cyber threats, my partner and I decided to make the move to the healthcare industry. The reason we chose healthcare cybersecurity was because it was so different from other sectors. Unlike other cybersecurity sectors, we are truly doing something good for all humanity in protecting patient safety and patients’ lives. Not only are the technological challenges interesting and exciting problems to solve, but at the end of the day, I find myself going to bed with a warmer feeling that we’re doing something good.

Are you working on any exciting new projects now? How do you think that will help people?

From day one our goal at Cynerio has always been to protect as many healthcare organizations as possible. Because of this, we are constantly working to find new ways to help hospitals reduce risk in the most efficient ways possible, knowing that in healthcare there is a critical balance between security and safety and not disrupting the medical process and negatively impacting patient care.

Right now, most healthcare cybersecurity companies focus on identifying threats, but the majority are not focused on doing anything about such risk. That’s not us — we want to be universally known as the remediation company, which is why we have built technology that takes the extra step in not only finding problems, but solving them, whether through a patch, a change in configuration, or network segmentation. As the healthcare cybersecurity threat landscape continues to evolve, we’ll continue to adjust our solutions to match the needs, keeping balance between security and patient safety.

Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. The Cybersecurity industry, as it is today, is such an exciting arena. What are the 3 things that most excite you about the Cybersecurity industry? Can you explain?

1. The people. Everyone who works in the cybersecurity industry is extremely smart and intelligent, and filled with people who want to protect the greater good against cyber threats. It’s also a relatively small community, whether you are in Israel or New York, allowing us to collaborate together and build relationships.

2. It’s exciting. There is always a new threat or attack happening and the bad guys are always finding new and different ways to try to hack into networks, systems and devices. Because of this, there will always be demand for companies that need cutting-edge defenses, and it’s our job to find these new ways to prevent these attacks.

3. You’re doing good. Our job as a defensive cybersecurity company is to protect hospitals and health systems. In doing so we’re protecting both organizations from cyber attacks, as well as patient safety and privacy.

Looking ahead to the near future, are there critical threats on the horizon that you think companies need to start preparing for?

Ransomware is and will most likely continue to be the biggest threat in healthcare cybersecurity for the foreseeable future. In fact, between 2019 and 2020 alone, healthcare breaches in the U.S. increased by 55%. Over 67% of those breaches were caused by hacking and IT incidents, with about 24 million patient records being exposed to unauthorized parties as a result of cyber attacks.

The proliferation of Medical IoT and legacy devices not built for connectivity, but moving online nonetheless, provide unprecedented vulnerabilities for attackers to exploit. This is arguably the biggest weak spot for the healthcare industry.

Because the number of medical devices connected to clinical systems will continue to increase over the years, hospitals and health systems need to invest in a Zero Trust architecture; a defensive posture which assumes that every user or device on the network could potentially be malicious.

While Zero Trust is growing in popularity, with 72% of organizations across every sector plan to implement the Zero Trust approach by the end of this year, this method has yet to be widely adopted in the healthcare industry. However, Zero Trust architecture is one of the best ways to eradicate imminent and growing threats targeting extremely confidential and valuable information, such is the case in a healthcare environment.

After a company is made aware of a data or security breach, what are the most important things they should do to protect themselves further, as well as protect their customers?

First and foremost, healthcare organizations need to have the proper technologies and tools in place, and have the visibility required in order to detect the security breach.

From there, as soon as a healthcare organization is made aware of a data or security breach, the first thing they need to do is isolate the most critical assets. Remember, once a breach is seen, this does not necessarily mean that everything has been compromised, it means that the attacker is somewhere on the network. Given this, it’s important to understand exactly which devices have been affected and immediately isolate them on the network to make sure that the breach is not effective and does not continue to gain additional control of the most critical devices.

Additionally, healthcare organizations need to have an incident response process in place. Once a breach is detected, it’s not just about the tools and technology, it’s about having a team in place and knowing who is handling the initial triage, the investigation, the internal communication, which parties in the organization need to be involved, and all of the other steps necessary to ensure that the proper actions are taken in a timely manner.

Since the COVID19 Pandemic began and companies have become more dispersed, have you seen an uptick in cybersecurity or privacy errors? Can you explain?

Globally, cybersecurity was a mess at the beginning of the pandemic. As companies went fully remote, the traditional ‘perimeter’ was destroyed and visibility into workers actions decreased, giving adversaries more opportunity to attack via phishing, brute force, social engineering and other techniques without IT security’s real-time attention. This increased attack landscape wasn’t the result of errors per say, rather it was the outcome of so many companies not being prepared to go fully remote on a moment’s notice.

We’ve seen a 50% increase in the number of healthcare-related cybersecurity breaches against hospitals and medical devices. For example, in September 2020, a 400-hospital system across the US and UK was affected by Ryuk ransomware, linked to a Russian cybercrime group known as Wizard Spider. This was possibly the largest cyber attack in US history, and completely shut down systems for days, including phones and computers being locked and unable to reboot, forcing staff revert to pen and paper.

As the number of connected medical devices is expected to reach 50 billion in the next 10 years, hospitals and healthcare systems need to invest in a strong cybersecurity system that can protect both the network and patients confidential and valuable information.

