Healthcare, Cybersecurity, Bitcoin and Blockchain

Free AI web copilot to create summaries, insights and extended knowledge, download it at here

2012

Abstract

quote id="c864">“<a href="https://infotechlead.com/security/unitedhealth-group-reportedly-pays-22-mn-ransom-following-cyberattack-83510">The cyberattack on UnitedHealth’s Change Healthcare unit</a> has caused widespread disruption across the United States, with repercussions felt throughout the medical system. Despite Blackcat’s claim of stealing sensitive records during the hack, the gang swiftly deleted its post without providing further explanation.” (Infotechlead)</blockquote>And this change doesn’t just impact the top senior management levels, it impacts individuals.<figure id="55ba"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/0*M1bPWXTyAI_cD0kn"><figcaption>Photo by <a href="https://unsplash.com/@neonbrand?utm_source=medium&utm_medium=referral">Kenny Eliason</a> on <a href="https://unsplash.com?utm_source=medium&utm_medium=referral">Unsplash</a></figcaption></figure>What <a href="https://www.prosci.com/change-management">PROSCI</a> is suggesting is we start focusing on the individual impact of change.PROSCI takes a look at 10 factors that are affected during change. The <a href="https://www.prosci.com/blog/defining-change-impact">Defining Change Impact</a> goes into these such factors in more detail.I want to focus on one of those factors — Critical Behaviors.In the PROSCI article, Tim Creasey explains this further as:“Vital or essential response of an individual or group to an action, environment, person or stimulus.”Sometimes when we think about ransomwares — we only focus on the Incident Management team, that gets involved after the fact (or during the fact). We tend not to focus on the business teams who helped put together the BCP (Business Continuity Plan) or DRP (Disaster Recovery Plan). In fact….do we even know if such plans exist? Is the business even aware, of how to recover from a cybersecurity attac

Options

k?<figure id="16c3"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/0*ESZ_y6SyNdZCYOW3"><figcaption>Photo by <a href="https://unsplash.com/@claybanks?utm_source=medium&utm_medium=referral">Clay Banks</a> on <a href="https://unsplash.com?utm_source=medium&utm_medium=referral">Unsplash</a></figcaption></figure>The volatile, uncertain, complex and ambiguous, pace of change that is coming with cyber attacks, now means everyone has to understand at least the basics of cybersecurity. Probably most especially, the business. Or whoever is clicking on the phishing links/unwittingly giving out password details to an unauthorized users. And I say that not to shame the business — I come from the business. I say that to help build awareness that this change affects all of us.The most essential item to the continuity of operations in an emergency situation, is the distribution of key process documents. When key process documentation is distributed to contingency locations, it is available for the use of any staff who report to these locations during contingencies; and so long as that documentation is up to date, it may be used even by those who may not typically be involved in performing those functions (ISACA).<figure id="9d15"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/0*R89CAPxPR4c7ViXf"><figcaption>Photo by <a href="https://unsplash.com/@ashkfor121?utm_source=medium&utm_medium=referral">Ashkan Forouzani</a> on <a href="https://unsplash.com?utm_source=medium&utm_medium=referral">Unsplash</a></figcaption></figure>When cyber attacks hit our healthcare systems, it’s really time to sit down and think through how we start distributing information about cybersecurity to more people. Working with models from credible organizations like ISACA and PROSCI, can fundamentally help us all to build such awareness programs. And help us all.Happy leadership.</article></body>

Change is here

The US-based UnitedHealth Group has allegedly paid a ransom of $22 million, in order to regain access to its data and systems encrypted by the “Blackcat” ransomware gang. The payment was apparently completed via a “transfer of approximately 350 bitcoins, equivalent to around $23 million at the current value of the cryptocurrency, from one digital wallet to another” (Infotechlead).

The most essential item to the continuity of operations in an emergency situation, is the distribution of key process documents. Many factors come into play during contingency situations, but continuity is possible only when personnel who are able to resume key processes, have the knowledge to do so. When key process documentation is distributed to contingency locations, it is available for the use of any staff who report to these locations during contingencies; and so long as that documentation is up to date, it may be used even by those who may not typically be involved in performing those functions (ISACA).

In the PROSCI article, Defining Change Impact Tim Creasey uses the acronym VUCA: volatile, uncertain, complex and ambiguous.

“The pace and structure of our lives and the business world today is fast and continually moving. (We are) faced with bigger, faster and more complex change; and (we are) challenged by the volume…it becomes very easy to either forget, ignore or get lazy about managing change down to that individual level where it happens.

When something like this kind of ransomware occurs in a hospital, many of us are impacted. Not just the patients of that hospital.

“The cyberattack on UnitedHealth’s Change Healthcare unit has caused widespread disruption across the United States, with repercussions felt throughout the medical system. Despite Blackcat’s claim of stealing sensitive records during the hack, the gang swiftly deleted its post without providing further explanation.” (Infotechlead)

And this change doesn’t just impact the top senior management levels, it impacts individuals.

What PROSCI is suggesting is we start focusing on the individual impact of change.

PROSCI takes a look at 10 factors that are affected during change. The Defining Change Impact goes into these such factors in more detail.

I want to focus on one of those factors — Critical Behaviors.

In the PROSCI article, Tim Creasey explains this further as:

“Vital or essential response of an individual or group to an action, environment, person or stimulus.”

Sometimes when we think about ransomwares — we only focus on the Incident Management team, that gets involved after the fact (or during the fact). We tend not to focus on the business teams who helped put together the BCP (Business Continuity Plan) or DRP (Disaster Recovery Plan). In fact….do we even know if such plans exist? Is the business even aware, of how to recover from a cybersecurity attack?

The volatile, uncertain, complex and ambiguous, pace of change that is coming with cyber attacks, now means everyone has to understand at least the basics of cybersecurity. Probably most especially, the business. Or whoever is clicking on the phishing links/unwittingly giving out password details to an unauthorized users. And I say that not to shame the business — I come from the business. I say that to help build awareness that this change affects all of us.

The most essential item to the continuity of operations in an emergency situation, is the distribution of key process documents. When key process documentation is distributed to contingency locations, it is available for the use of any staff who report to these locations during contingencies; and so long as that documentation is up to date, it may be used even by those who may not typically be involved in performing those functions (ISACA).

When cyber attacks hit our healthcare systems, it’s really time to sit down and think through how we start distributing information about cybersecurity to more people. Working with models from credible organizations like ISACA and PROSCI, can fundamentally help us all to build such awareness programs. And help us all.

Happy leadership.