What’s Your Cyber Protection Game Plan?
By: Mr. Paul Murphy
Ask most defensive coordinators in the NFL, “What wins championships?” and they’re likely to answer that a dominant defense always wins. Ask most offensive coordinators the same question and you’ll likely receive the opposite answer. Now, if you ask most head coaches that very same question, most will likely tell you both a great offense and a great defense are necessary to win. The head coach is ultimately responsible for the entire team, and while they may receive the most glory when their team wins, they also tend to bear the brunt of the blame when they lose. In cybersecurity, most dental practices have a JV defense with little or no offense. To win the battle against criminal opponents, you must have both a strong offense and a strong defense.
As the head coach of the dental practice, are you confident you have effective offensive and defensive strategies to protect the practice from a possible cyberattack or ransomware event? If not, it is time to draw up an actual game plan that will put you in a position to win the fight against criminal organizations. As the target on dental practices grows each year, changing the approach to how the practice is protected should be a top priority.
How to Begin Creating a Game Plan?
Unlike head coaches for athletic teams, you don’t have the luxury of watching your opponent’s game tapes to learn what makes them successful and where they have weaknesses. What you do have access to are cybersecurity companies that perform forensic investigations into attacks that have successfully targeted the dental community. These companies know exactly how criminals win and have a game plan to beat their next opponent. Credentialed/board-certified cybersecurity experts are your cyber offensive and defensive coordinators, who assist and work with a practice’s internal/external IT resources to strengthen the existing security posture. If you were to ask these “Cyber Coordinators” what an effective strategy is to beat adversaries, you are likely to hear that both offensive and defensive game plans are required. Working with a good IT provider is important, but IT providers are not cybersecurity experts and lack the tools and experience to protect you from well-funded, highly sophisticated criminal hacking groups. A separation between IT and cybersecurity is the norm in the medical and financial industries and very quickly needs to become the norm in the dental community.
How to Build a Strong Offense
To win any game you need a team of well-trained athletes. To win the cyber battle, you need a well-trained team of cyber defenders. The most common way dental practices are hacked is by criminals targeting team members. Spear phishing is one tool hackers use to target the dental team. These hackers are now utilizing AI technology to assist them, and detecting potentially malicious communications is becoming more and more difficult. Without proper cybersecurity awareness training, the practice is almost defenseless against these criminals. Earlier this year, the FBI held a briefing with Black Talon Security, the ADA and AAOMS about an active, credible threat targeting OMS practices. This threat was a well-disguised spear phishing campaign designed to get staff members to click on a malicious link in what appear to be legitimate communications. Empowering the team and providing them with what they need to make good decisions is essential in any offensive strategy. Training, testing and ongoing simulated phishing campaigns are how to build a strong team of cyber defenders.
The second most common way dental practices are breached is by targeting network vulnerabilities. Every device connected to a network within the organization is likely to have vulnerabilities present. These devices include firewalls, servers, workstations, printers, security cameras, phone systems and all IoT devices (smart TVs, music systems, etc.). Implementing an ongoing vulnerability scanning and remediation strategy is critical in protecting a business. Finding all the open doors and windows into the organization and closing them before the criminals find them is a critical part of any offensive strategy.
Penetration testing is an offensive strategy that should be used to test network resiliency. Criminal hackers use this tactic every day to test dental practice defenses. Engage with “White Hat” hackers to test the systems currently in place. Use ethical human hackers to ensure they can’t gain access to the practice’s network.
A security risk assessment performed against the dental practice by a credentialed security expert is yet another effective offensive strategy. A CISSP or HCISPP should be working with the practice and its IT resource to ensure everyone within the organization understands the entire attack surface. Remote access, third-party access, backup solutions, and policies and procedures as they relate to security are just some examples of areas that should be addressed by a credentialed security professional. This is an effective offensive strategy that will help IT resources, office managers, and HR focus on weaknesses and address them before criminals can target them.
Building a Stronger Defense
Anti-virus software is an invaluable tool, but it is not equipped to protect your organization from a modern-day cyberattack. Relying on old technology to protect you from a modern-day problem is not an effective defensive strategy. Upgrading technology and implementing MDR (Managed Detection and Response) in the practice is a critical step in building a strong defense. This technology uses AI to recognize the fingerprints of malicious code and unnatural movement inside the network. A good MDR program can quarantine a device that is being targeted, fight back and defeat malicious code. MDR is an effective defensive strategy that should be relied on to win the battle if any part of the offensive strategy fails.
Not Having a Game Plan Can Be Extremely Costly
Protecting the dental practice against a debilitating cyber event should be an important part of the practice’s game plan. The number of these attacks is ever increasing, and so is the damage they inflict on their targets. The sophistication of the attacks we’ve witnessed so far in 2024 has led to longer practice downtime. The average downtime for a practice following an attack has increased to 7-10 days. In addition to the complete loss of business continuity, organizations are also faced with ransom fees, network replacement costs, legal costs, and cyber investigation and recovery fees. It’s important to note that almost every ransomware attack now involves “Theft of Data,” which could lead to penalties related to compliance regulations and crippling class action lawsuits.
Have a game plan and build an effective strategy now. Don’t let a cyber event destroy or delay everything!
Paul Murphy has over 20 years of experience in the technology field. Since joining Black Talon in 2018, he has been an integral part of the company’s growth and success. He has played a pivotal role in shaping Black Talon’s sales approach, building strong client relationships and driving results across the board.