Picture this: you’re a CISO at a hospital rushing from meeting to meeting, fielding calls in between, when suddenly you get the call. Bad actors infiltrated your system and are holding your digital assets for ransom. They’re demanding $500,000 or they’ll release your data. Data recovery isn’t your only concern. Many of these systems are literally keeping patients alive. What do you do?
This is a situation many healthcare CISOs face today. If you pay, you recover your systems and avoid disaster. On the other hand, if you do pay, you not only fund cyber terrorism, you face the very real risk the attackers will renege and release your data. Furthermore, there’s no guarantee they won’t try to hit you again in the future. Ultimately, you must weigh the pros and cons and decide what is right for your organization. But hurry, the clock is ticking!
CISO Street recently moderated a virtual CISO panel and asked panelists to share their perspectives on current cyber trends and challenges. In this video, Christopher Maynard, CISO for Reed Tech, and Esmond Kane, CISO for Steward Health Care System, share their thoughts on the ethical and practical dilemmas of paying a ransom.
CISO Street’s recent webinar, Don’t Be Held Up for Ransom(ware), takes a deeper dive into this critical topic. Executives from FireEye Mandiant, CISA, FBI Cyber – Major Cyber Crimes Unit, and Texas Children’s discuss best practices for protecting your organization from being held for ransom and how to minimize the impact to your business. Watch the replay here.