6 steps hospitals can take when handling cyberattacks

Healthcare is one of the most targeted industries for cyberattacks, with 45 million people affected in 2021. Thus, having the tools to prevent, prepare and respond to breaches is crucial to hospital cybersecurity. Here are some ways to fortify defenses, as outlined by a Feb. 14 McKinsey report. 


The majority of ransomware attacks start with a phishing email or a remote desktop protocol compromise, so it's critical that all employees are constantly aware of cybersecurity threats.

  • Companies can ensure that employees are using strong passwords and multifactor authentication when logging into accounts. 

  • Patching operating systems that might be old is crucial, as unchecked legacy systems can lead to vulnerabilities.

  • Make cyber awareness training mandatory for employees and teach them best practices.

Preparation and response 

Preparing for a potential attack will ensure that if a cybersecurity threat occurs, the organization will be ready. 

  • Prepare for all eventualities, knowing who will lead your response team and make decisions about whether to pay hackers. Communicate this plan to board members. 

  • When an attack hits, the first thing a hospital should do is call law enforcement for disclosure. It should also seek external counsel and insurers and inform other stakeholders.

  • Investigate alternatives to payment and try to understand who is behind the attack and how much information they have, as this will help with negotiation.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars