Today: Healthcare Leaders Praise Ascension Cyberattack Response?
Episode 97 • 21st May 2024 • This Week Health: Newsroom • This Week Health

Today in health IT: healthcare leaders praise Ascension cyberattack response. We're going to take a look at that today. My name is Bill Russell. I'm a former CIO for a 16-hospital system and creator of This Week Health, a set of channels and events dedicated to transform healthcare one connection at a time. We want to thank our show sponsors who are investing in developing the next generation of health leaders.

Notable, ServiceNow, Enterprise Health, Parlance, Certified Health, and Panda Health. Check them out at thisweekhealth.com/today. This story, and all stories we cover on this show, you can find on our website, thisweekhealth.com/news. Check it out today and let me know what you think. All right. One last thing: share this podcast with a friend or colleague. Use it as foundation for daily or weekly discussions on the topics that are relevant to you and the industry. A form of mentoring. They can subscribe wherever you listen to podcasts. All right.

We're going to take a look at a story today, and it is in Becker's: "Healthcare leaders praise Ascension cyberattack response." Here's the summary. St. Louis-based Ascension has been commended by healthcare leaders for its prompt and transparent response to a recent ransomware attack. The health system took its IT network offline on May 8th, informed the public about the breach three days later, and provided consistent updates through a dedicated website. In collaboration with the FBI and the Cybersecurity and Infrastructure Security Agency, Ascension promptly communicated with its vendors to mitigate further risks. Healthcare consultant wrote a Weiss and other industry executives have expressed admiration for Ascension's openness and rapid dissemination of information. Ascension also stresses the importance of accurate and credible communication to maintain public trust and ensure operational continuity, highlighting its efforts to collaborate closely with law enforcement and cybersecurity experts. All right.

So that's the story, and it really is true. In another story on here, we actually shared the website where they're providing updates by region, and you can click on the state and get further updates as to what's going on at each one of the locations. It's a really well-crafted website. And it reminds me of AWS.

Actually, AWS is really good. One of the best. They put healthcare to shame in terms of when they have an outage. You will have an almost immediate website that you can go to that will give you detailed information as to what's going on, who's impacted, and what they are doing to remedy this situation. That level of detail is absent in healthcare, which is why I say they run circles around healthcare. But they will diagnose problems as quickly as possible.

They will... It's just constant communication. It's complete transparency. Even if it's an architecture problem or something that they have created themselves, they will be completely transparent. I remember I did a show on that. I forget, it was a long time ago. I did a show on just how amazing it was.

I remember AWS had an outage. I remember reading it. And I was like, man, this is... Like, I was reading it going, they're giving me detail on the clusters and how they've organized their storage and how it was proliferating across the entire storage array and bringing things down.

It was... And there it was, bringing their block storage rates down. It was a really fascinating read. But it gave me an idea of exactly what had happened and what they were doing to correct it. And further, as they progressed and rearchitected things, they kept people aware of that. We're not doing that level at this point. We're essentially just telling people, here's what's been impacted, and, from the public standpoint, here's how this is going to impact you. Ascension's doing a good job with regard to where they're at. It is hard to throw stones. With regard to cyber attack, there's an old adage.

It's not if, but when, so nobody's going to throw stones. And, quite frankly, it's a huge health system.

This is an incredibly difficult job, to maintain this. But there's a move that's going on in healthcare, and it's this move to digital. And the idea of moving to digital makes perfect sense. The whole world's moving digital. There's a digital experience that we have to consider. There's digital solutions that are going to create automation and efficiencies within healthcare, and Ascension has bought into this completely. Their CIO reports into their digital leader.

And that's the new model that's happening. It's happened in a couple of places. It continues to happen. Where we say, hey, digital is more important than the traditional CIO tasks. And if I'm throwing any stones, and it's not a big stone I'm throwing here, but it is: as we move to digital, we cannot forget the foundation. And we can't forget to hire people who have the skills at the foundation. Because one of the things is, when you've bought into digital completely, you start to hire different skillsets and you hire to different capabilities. And it's not that those capabilities don't need to exist within healthcare.

They absolutely do. We need to be pushing the envelope with regard to digital, with regard to AI, with regard to all of these things, but we can't forget the foundation. And the foundation is essentially that architecture, that it all rides on the architecture, the data center. My gosh, let's go down to the basic levels: the CRAC units and the wiring in the network and the segmentation and the routing. We still need people who understand that at a deep level, and people that can troubleshoot that at a deep level. And those people who's responsible, Ron. The responsibility is to keep the system running. Those are the things that we sometimes fail to elevate as necessary skills as we move too quickly to digital.

And so when I look at this, I'm wondering, how are we measuring their response to cyber attack? We're measuring it based on their openness and what they're communicating to the public. And that is a very important piece of this. Absolutely. And I do commend them for how they are communicating to the community.

However, I measure the cyber attack response based on how quickly you can get back up and running. And you can tell how much time and money and effort has been spent on those things by the amount of time a system is offline. And if they're offline for what approaches a month, then they were not ready for a cyber attack.

And at this point, after we've gone through Scripps and we've gone through Change and we've gone through all these other things, to not have a very solid business continuity and recovery plan is really not acceptable in healthcare. It's just not acceptable anymore. And if you're listening to this saying, oh, how could you throw a stone?

If I were sitting there with your board today, I would say to them the most important thing. When a CSO or CIO or someone or chief digital officer says to you, it's not if, but when, the most important thing you can ask them is: okay, when it happens, if we all agree it's not if, but when it happens, tell me my plan from that moment on.

Our Active Directory is gone.

Our routing tables are gone. Our data is locked up. Tell me our plan from that moment on. And if you don't get really solid, really good answers, then the focus has moved too far away from the foundation. And you have to have a solid foundation in order to build digital on top of that. And we cannot forego that.

That absolutely has to be in place. And I will say the other mistake that people make is they say, we've moved to the cloud, that foundation's in the cloud. And if you talk to any cloud provider, they're going to say that the responsibility of building out that business continuity, resiliency and recovery is still the responsibility of the partner that is hosting in those environments. It's still your responsibility to consider how to restore your need for those applications or the functions that those applications provide. So we've seen this with Change.

We've seen this with the Kronos attack. That there are functions that we're relying on the cloud for that, when they go down, it's still our responsibility as a health system to figure out how we're going to acquaint to restore those. And so I keep coming back to that. The business impact analysis and the recovery plan are not two documents that you write, put on a shelf, and forget about. I know you're not going to put them on a shelf.

I know they're going to be on a drive somewhere, but regardless, they're not something that you write and forget about. These become active documents. They become documents that display your readiness and your preparedness for these attacks. It's not if, but when. And then the measure is how ready were you for the attack? And so if I'm throwing any kind of stones at Ascension, and quite frankly, I'm not on the inside, I'm not in the know. Maybe they did have a great plan and it just fell apart as they... 'cause a lot of times it's hard to test these things out, and maybe some aspect of it fell apart as they were moving forward.

But at the end of the day, it's still indicative of the fact that there was a plan that doesn't seem to be restoring the operation as quickly as possible. And again, I don't know where that fault lies and I'm not trying to identify where that fault lies. But I do think, as a system, this may indicate their level of investment and focus on the architecture and the redundancy and the resiliency of that architecture. I don't know.

I don't know for sure, but I think it does indicate that. Anyway, my "so what" for you is: don't let this be you in six months, because then there really is no reason. We've had Sharp. We've had Change. We've had Ascension. And if it happens to you and you're not ready with a restoration plan to restore your capabilities as quickly as possible, then potentially someone might think you're not paying attention to what's going on in the industry. All right.

That's all for today. Don't forget, share this podcast with a friend or colleague. Have a discussion. Maybe you think I'm, I don't know, insensitive for taking this tack, but I think it's a line of questioning we need to look at in healthcare. Are we really ready? We've adopted this "it's not if, but when," and are we really ready for when it happens? All right.

We want to thank our channel sponsors who are investing in our mission to develop the next generation of health leaders. Notable, ServiceNow, Enterprise Health, Parlance, Certified Health, and Panda Health. Check them out at thisweekhealth.com/today. Thanks for listening. That's all for now.
