Healthcare IT Today: Ransomware Preparedness in Healthcare – Are you Doing the Basics?
On March 14, an article on ransomware preparedness in healthcare by NetSPI Managing Director Chad Peterson was featured in Healthcare IT Today. Read a preview below or view it online.
+++
As ransomware attacks become more sophisticated, healthcare organizations have become desirable targets due to the valuable data shared across medical records and the constant need for service availability. In fact, a recent JAMA Health Forum report indicates that from 2016 to 2021, the annual number of ransomware attacks on the healthcare sector more than doubled.
With the rise in these attacks, healthcare organizations must have an in-depth understanding of their security posture, including how breaches may occur and how to take an offensive approach to defend against them. As such, IT administrators must ensure they are addressing basic security needs. They can achieve this by taking the following three foundational steps.
Implement Standard Security Protocols
The first step for IT leaders to ensure ransomware preparedness is to implement security protocols that help prevent attacks before they occur. This includes checking for vulnerabilities and misconfigurations through vulnerability scanning and continuously patching systems when weaknesses are identified. Penetration testing should also be routinely conducted to proactively identify and verify exploitable vulnerabilities in IT systems. Continuous pentesting, which often takes the form of attack surface management, helps identify and protect assets exposed externally.
Awareness of an organization’s potential entry points is especially critical with the increased usage of connected medical devices and telehealth services. Furthermore, the transition to electronic health records (EHRs) has reinforced the need for tightened identity and access management processes. IT administrators should consistently remove user accounts that are no longer needed, implement multi-factor authentication (MFA), and utilize methods of least privilege or role-based access to ensure only appropriate users can access patient data.
Continue reading at Healthcare IT Today for more foundational steps to address ransomware attacks, including how to prepare for a breach and best practices for creating a security awareness program.