With ransomware and other malware events on the rise, it’s time to prepare for “the talk” with your C-suite and board of directors about cybersecurity. For provider CIOs and CISOs (Chief Information Security Officers), the conversations are no longer about whether a breach will occur but when.
Two weeks ago, our Daily Briefing team covered a four-step plan on ransomware prevention: back up data, limit network access points, filter emails, and curtail access to specific websites. Those four steps are part of a broader discussion about cybersecurity threats, which can affect any member of an organization.
Here are some considerations you should remember when having the talk with your team:
Prepare in advance
- Make sure you understand the organization’s current state
- Hold private meetings with key leaders to understand their concerns and perspectives
Keep it simple
- Talk in business terms and leverage scenarios to illustrate the organization’s risk profile from various threats
- Discuss improvements made to lower risk
Be clear about alternatives
- Provide alternatives for changing the organization's risk posture
- Acknowledge trade-offs for each alternative
- Provide examples of various roles they can play in managing cyber risk
- Ask for their guidance and assistance