Preparing for the inevitable cyber attack takes time, money, and extra hard work. There is no one right way to prepare, nor is there a single solution to picking up the pieces after the attack. Ransomware events in particular demonstrate that context, insights, and diverse perspectives are critical in planning for how health delivery organizations (HDO) remain resilient to ensure patient safety and peace of mind.

Booz Allen partnered with Executives for Health Innovation (EHI) to hold an expert roundtable entitled Responding to Ransomware Attacks: Practical Advice and Experiences. During the session, executives and cybersecurity experts discussed why attacks occur, how hospitals and health systems can better prepare and respond to these attacks, and the pros and cons of paying the ransom.

This publication illustrates Booz Allen’s approach and EHI’s guidance to members on effectively mitigating cyber attacks against hospitals and healthcare systems, including:

• Understanding the attack surface for the healthcare industry
• Incident response plans (IRP) for hospitals and healthcare organizations
• Best practices on attack transparency
• COVID-19 implications on ransomware attacks