April 22, 2014 – A group ranging from healthcare payers to medical centers participated in a series of exercises that simulated real cyber attacks on healthcare organizations, to see how well they could hold up under such an event.

The simulated attacks, called CyberRx, were conducted in partnership with HITRUST, the U.S. Department of Health and Human Services.

Here’s what they found:

  1. Organizations that participate in cyber exercises are more prepared for a cyber attack. This was regardless of the maturity and comprehensiveness of their information security program.
  2. Organizations that can better communicate with all the stakeholders involved–both inside and outside of the organization–fared better. This was true for legal, crisis management, business operations, management and external business partner stakeholders.
  3. Organizations learned they want greater freedom to communicate and collaborate during a cyber crisis despite potential legal restrictions.

Click to continue to the full article.