Intelligent CISO Issue 81 | Page 30

EDITOR’S QUESTION

DAVID RAJKOVIC, MANAGING DIRECTOR A/NZ, RUBRIK
Time and again, cybersecurity reports find healthcare organisations are among the hardest hit. For example, this year’s Annual Cyber Threat Report from the Australian Signals Directorate found the healthcare sector reported more incidents than any other industry (excluding government sectors with more stringent reporting requirements).

In fact, recent research from Rubrik Zero Labs found healthcare organisations observed by Rubrik experienced 50% more encryption events than the global average, all while the amount of their sensitive data records grew more than 5x the global average.
This explosion of sensitive data can explain why healthcare is so heavily targeted. When it comes to financially motivated attacks, sensitive data can be seen as a goldmine – particularly health records. Attackers assume a hospital or medical service would be willing to negotiate the return of such records given the private information.
The other side of the issue that puts healthcare in the sights of attackers is the lifesaving work they do. Should an encryption event disrupt a hospital’s ability to provide care, attack groups believe the hospital’s management would be more likely to give in to ransom demands.
A cybersecurity approach that minimises the impact of these attacks while ensuring high-quality care comes down to ensuring one thing – continuity of care. This means rapidly recovering and restarting services within minutes or hours, certainly not days or weeks, following an attack.
As recent incidents show, it’s clear perimeter defences alone are no longer enough. Cyber-resilience strategies need to be prioritised as a matter of urgency. This requires adopting an ‘assumed breach mindset’ and planning ahead for the inevitable day when attackers breach defences. Doing so can allow an organisation to rapidly identify exactly what data has been taken, which customers have been impacted and the most recent clean recovery point to accelerate remediation efforts.
Consider the experience of St Luke’s University Health Network, a non-profit healthcare provider in the US that cares for more than 80,000 patients and 340,000 ER visits every year. After running cyberattack simulations, St Luke’s discovered it would take months to recover and cost millions of dollars if they were hit with ransomware – not to mention the severe impact on patient care.
To overcome this risk, the network pursued a strategy of cyber-resilience. Its strategy involved transforming its data backups to be immutable and rapidly recoverable following an attack. It also gained the ability to scan backups to detect anomalies and hunt for threats. By doing so, St Luke’s can recover operations within minutes or hours instead of months. This approach ensures continuity of care by prioritising cyber-resilience.
While everything needs to be done to stop attacks before they happen, it is equally important to ensure a rapid recovery after a successful attack.