
Cybersecurity Resource Library

Events of the past few years have magnified the interest, attention, and funding provider organizations must dedicate to cybersecurity resiliency. Most non-IT executive leaders now grasp the full weight and risk of unpreparedness.

Despite its importance, cybersecurity is a consistent and challenging internal conversation for IT and security leaders. And as we enter a new era of IT-enabled and IT-driven business and clinical strategies, the trends of innovation, disruption, and digital transformation will further complicate the already complex cybersecurity landscape.

To simplify this complex environment, the Health Care IT Advisor research team developed the following simple Cybersecurity Ecosystem Model to highlight critical areas for discussion and action. Note that these areas extend well beyond technical capabilities.


Cybersecurity Ecosystem Model


To get started, use this resource page to guide you through the following 5 steps for becoming a cyber resilient organization.


1. Understand the full cybersecurity ecosystem to build cyber resilience through layers

Traditionally, many health care organizations have approached cybersecurity as a technology issue. While various security technologies can improve an organization’s risk posture, technical tools are not enough. Cyber resilience requires efforts in three crucial areas: governance and policy, process and education, and technology and services.

Paint a picture of a cyber-resilient organization
Download this infographic to explore the ecosystem of preparation efforts required for cyber resilience, key actions for IT leaders, and top lessons for non-IT leaders.

Anonymity in the digital age
This research outlines some industry assumptions about privacy and offers our perspective on how we need to think differently moving forward.

3 steps to (finally) address your cybersecurity 'elephant in the room'
If you're ready to stop ignoring the "cybersecurity elephant in the room," here are three concrete steps your organization can take to improve its cybersecurity posture.


2. Engage senior leaders and staff to advance the organization’s security maturity

The prevalence of disruptive cyberattacks and large breaches has moved cybersecurity squarely into the C-suite and boardroom. As executive leader interest in cybersecurity grows, IT leaders must help non-IT leaders better understand their role in mitigating cyber risk for the organization. The resources outlined below articulate key messages for IT leaders to discuss with CXO executives.

Security and the C-Suite
The prevalence of disruptive cyberattacks and large breaches in 2016 focused a magnifying glass on cybersecurity for health care organizations. As C-Suites and Boards grapple with this “new” priority, they often turn to the CIO for clarity and guidance in cybersecurity’s complicated and constantly evolving landscape.

Cybersecurity Cheat Sheets for the C-Suite and Board
These cybersecurity cheat sheets provide a comprehensive approach to cybersecurity and critical questions regarding involvement in cybersecurity for several executive leadership roles across the organization.

How to be a cybersecurity sentinel
Use this infographic to learn what senior health care executives need to know—and do—to achieve cyber resilience at their organizations.

Hackers are targeting health care workers with these 7 coronavirus scams
When a crisis hits, hackers sense an opportunity to pounce—and many are using the coronavirus epidemic as an opportunity to target health care workers. Advisory Board's Mark Hetz rounds up the coronavirus-related subject lines hackers are using now, and three ways to protect your organization.

Why does health care keep facing breaches and ransomware? Maybe it's time to revamp staff training.
Year after year, health care organizations continue to experience breaches, ransomware, and other security threats. A crucial defense against these threats is internal staff training, but these programs are due for a revamp.


3. Optimize the effectiveness of your Chief Information Security Officer (CISO)

The fast-changing nature of the cyber landscape demands that health care organizations reexamine the role of the CISO to effectively protect their enterprise. No longer a purely technical role, the CISO must now be a strong, risk-focused business leader who can shepherd the organization toward an advanced and adaptive security posture.

Critical considerations for the position include top attributes to look for in potential candidates, organizational model and reporting structure, the level of responsibilities outside of security, and how to cultivate a supportive and empowering environment for the CISO.

Rising to Prominence in the New Security Landscape: Health care’s chief information security officer
Download our report to learn the top considerations your team needs to know about the new Chief Information Security Officer (CISO).

4 keys to finding—and retaining—the right security leader
The chief information security officer (CISO) position is a tough role to fill, especially in today's high-demand talent market. Read on to learn four key considerations to keep in mind when hiring for this vital position.


4. Prepare in advance

Your organization will experience a breach at some point—it is just a matter of when. Now, more than ever, you need to ensure your organization has a proper response plan in place for cybersecurity incidents to limit potential damage.

Breach Notification Decision Tool
This tool is intended to aid the investigation committee in determining whether or not a suspected violation constitutes a breach of unsecured PHI requiring notification.

IT Disaster Recovery
Get a case study on how Halifax Health's IT department responded to a natural disaster, and learn how you can create an effective IT recovery plan.

Third-party risk management checklist and catalog
Use the checklist and sample catalog to kick-start your program or assess your current approach to third-party risk management.

Safeguarding Our Clinical IT Assets
This implementation guide offers strategies to build a dynamic, effective disaster recovery plan.

Weekly line: The White House is raising the ransomware alarm. Here’s how you should respond.
In response to high-profile ransomware attacks targeting U.S. meat and oil and gas industries, the White House last week published an open letter outlining six steps leaders should take to stave off potential cyberattacks. Advisory Board's Heather Bell and Andrew Rebhan go over those steps and detail three additional ways health care leaders can protect their organizations.


5. Manage and learn from incidents that do happen

Methodical and well-tested incident response plans are critical for health care organizations to successfully and rapidly react when a cyber-crisis hits. The SANS Institute’s PICERL incident response methodology is widely regarded as a go-to response approach because of its applicability and versatility across industries, organization size, and type of security incident.

The resources below broadly define the six phases of PICERL and illustrate how the steps involved in responding to a clinical crisis—well known to non-IT health care leaders, clinicians, and staff—mirror the elements of the PICERL security incident response approach.

Incident Response: Managing in minutes
With cybersecurity threats on the rise, organisations must be ready to address a new set of security challenges and considerations. Use this six-step response plan to bolster your organisation's cyber defenses.

When a breach occurs, the whole hospital is our patient
Learn how to implement the SANS Institute's PICERL approach to effectively handle cyber incidents.

FBI: Hospitals face 'credible,' 'imminent' threat of severe cyberattacks
The FBI, HHS, and the Cybersecurity and Infrastructure Security Agency warned of an "imminent cybercrime threat to U.S. hospitals and health care providers"—and one expert warned that criminals could target 400+ organizations for ransoms of $10 million or more. Here's what you need to know, and four actions you can take now to prepare, according to Advisory Board's Mark Hetz.

Scripps CEO: What we learned from being attacked by ransomware
Writing for The San Diego Union-Tribune, Scripps Health CEO Chris Van Gorder details his health system's experience fending off a ransomware attack last month and calls for increased collaboration between the federal government and hospitals to prevent further cyberattacks.

What happens when hackers target your hospital? Sky Lakes Medical Center and Asante are sharing their biggest lessons learned.
When Sky Lakes Medical Center was forced to operate under downtime procedures because of a ransomware attack last fall, the community hospital responded quickly by working with the health system Asante through the Epic Community Connect program. Advisory Board's Mark Hetz spoke with Asante's CIO Lee Milligan and Sky Lakes' Director of Information Systems John Gaede to discuss the unique role their Community Connect relationship played in responding to the cyberattack and the lessons learned.
