Hospital Cybersecurity Budgets – 3 Mistakes to Avoid
One of the biggest issues is not having enough budget to cover cybersecurity. Without the right protection, a breach of patient information is inevitable and a foreseeable event. If you're not doing due diligence and putting in the right cybersecurity budget, CISOs and CMOs could be at risk of negligence in such a case. Cybersecurity care is as important as patient care.
One recent instance that the Critical Insight team heard about at a conference involved a healthcare organization that suffered an incident. The total cost from detection to remediation was $5 million, but their insurance company covered only 50% of that, leaving them to cover $2.5 million from their own operating budget.
Critical Insight's advice is to do a tabletop exercise ahead of time: practice, prepare, and get visibility so that you can respond rapidly to cybersecurity incidents. Ransomware gangs aren't just chasing large hospital and healthcare groups. They are targeting local, regional, small and medium hospitals, especially given the perception that larger groups have larger cybersecurity defense budgets.
A second mistake and common misconception is that cybersecurity is something you can do yourself. This is fine if you're a $50m+ organization and can afford to build a 24x7x365 Managed Detection and Response security team with a SOC (Security Operations Center), a SIEM, and trained analysts to manage them.