This publication and the abstract below was published by The Pell Center for International Relations and Public Policy in October 2017. ICIT strongly encourages you to visit the The Pell Center for International Relations and Public Policy Publication Library to search for additional information security resources which are freely available.
Surviving a Cyber Attack : Preparedness and Resiliency in Action
This report is based on content discussed during the “Cybersecurity & Healthcare Tabletop Exercise,” conducted by the Salve Regina University’s Pell Center in collaboration with PreparedEx, SecureWorks, and the Newport County Chamber of Commerce on May 10th, 2017. The event was attended by senior leaders and security professionals from over 30 healthcare organizations in New England, as well as representatives of the R.I. Department of Health, R.I. Office of the Health Insurance Commissioner, and law enforcement agencies. The primary goal of this cybersecurity tabletop exercise was to provide healthcare organizations and state agencies with greater insight into the specific cybersecurity issues they face and explore possible responses and mitigation strategies that could lead to industry-driven solutions.
The exercise involved a series of cyber intrusion scenarios created to identify weaknesses common in the healthcare industry and addressed real-world cascading effects, including consequences for the provision of healthcare, outcry from patients, and media fallout for the organizations that fall victim to such attacks. The exercise was designed to show how different cyber threat vectors can infiltrate even the most sophisticated computer systems and networks, and also to explore possible remedies, mitigation techniques, and incident responses. Participants worked together on a range of timely and important cyberrelated issues, including: ransomware and data breach response and remediation, data leakage considerations, digital forensics investigations, crisis management, legal and regulatory compliance, and cyber liability insurance.