What does the Change Healthcare ransomware incident mean for healthcare organizations? Doubling your cybersecurity spending, according to one health system CIO.
Will Weider, CIO and senior vice president of Wausau, Wis.-based Aspirus Health, shared five thoughts on LinkedIn Feb. 29 about the incident, saying, "Whatever you planned to spend to improve cybersecurity, double it."
Additionally, Mr. Weider stated that in light of this incident, healthcare organizations should:
- Focus on the insecure present instead of talking about the future of AI.
- Simplify the IT environment, as "every new snippet of software and every new network device is a new attack vector."
- Prepare for all of the responsibilities that come with a breach, including patient notifications.
- Add language to IT contracts to deal with partner failures. "Us CIOs need to stop rolling over and taking on all of the risk," he wrote.
This comes as Optum's Change Healthcare confirmed Feb. 29 that it was hacked by ransomware gang ALPHV/Blackcat.