Ransomware completely took over Erie County Medical Center’s (ECMC) computer systems in April. The malware completely corrupted the systems, and the hackers demanded $30,000 in ransom if they wanted the systems restored. Instead, the medical facility spent approximately $10 million to rebuild its systems. Roughly half of those funds were the cost of hardware, software, and third-party assistance to rebuild the systems. The remaining $5 million was allocated as damages as a result of the ransomware attack. This included lost productivity, lost revenues, and overtime pay for those who rebuilt the systems.
According to Fierce Healthcare, an additional $400,000 will be spent monthly to enhance the facility’s cyber security. However, with the growing cyber security threats, a misconception has established — if organizations spend more money on security they’ll get better protection. Wrong. Regardless of how much money is spent on protection they could still be infected unless they find the right protection. But how do they do that?
Focusing on Detection Rates
If organizations are going to replace an existing security solution, it’s important to ensure they’re getting a better product than they already have. This doesn’t necessarily mean something more expensive. When it comes to a security solution, the replacement antivirus must outperform the prior solution. A way evaluate performance is to check third party detection testing. Users can do so through various third party testing agencies, such as AV Comparatives and Virus Bulletin.
It is important businesses do not begin associating “the best security solution” with what is most expensive. For example, ECMC significantly increased their IT budget to get “better” security to battle today’s threats. Unfortunately, spending thousands of dollars more doesn’t necessarily mean they’re getting better protection.
Finally, organizations need to research security providers. Understand, there are several pieces to picking the right security solution. First, do you just want an antivirus? Do you want something that also include automated scans? Do you need remote access to the security software’s platform? Are PC optimization tools wanted? How do you feel about application whitelisting technology? Do you need something that will also cover patch management and driver updates? It is best to keep all of these things in mind when looking into a security solution. It is also important decision makers look at consumer reviews, Better Business Bureau rating, and detection and prevention rate testing.
