top of page

RESOLUTE is a fully-managed cyber risk mitigation service that helps health care organizations put patient safety and practice resilience back in focus.

We make cyber security our business,
so you can focus on yours.

Cyber Risk Mitigation
Focused on Patient & Practice Safety

Resolute-Top

Reality Check

The following information serves to provide some high-level insight into current and emerging cyber threats health care organizations are facing.

Sport Tactics

Evolving Criminal Tactics

Ransomware attacks continue to be conducted but there has been a notable shift in tactics, with many ransomware gangs opting for data theft and extortion without encrypting files. (1)

Folding Sign

Common Threat Types

Top cyber threats in the healthcare sector (2) included

  • ransomware (33%)

  • unauthorized access (28%)

  • business email compromise (28%)

Hand Sanitizer

Call To Action

American Hospital Association provides real perspective and call to action by any health care practitioner:
Cyber Safety is part of Patient Safety
(3)

"We consider Cyber Safety to be a part of Patient Safety."
Image by John McArthur

For Sale:

$250 - $1,000 per record

Value of Protected
Health Information (PHI) on the Dark Web.  PHI continues to be one of the most
lucrative items on the underground market, ranging
from $250 to $1,000 per record, compared to $20 per drivers license record.
(3)

Statistic designs

Grim Facts

As of the beginning of 2023 (5):

  • By June, at least 15 health systems had publicly acknowledged ransomware attacks since the start of the year

  • As of August 1, the U.S. Department of Health and Human Services had 369 healthcare breach reports filed

Image by Nathana Rebouças

$175,000

Cost of average data breach for small healthcare organization

(1-10 practitioners) (4)

A Translation: Threats, Vulnerabilities, Impact, and Practices

The discussion above on threats and vulnerabilities applies similarly to cybersecurity. Threats to your organization may include phishing attacks, malware (e.g., ransomware), insider threats, lost equipment, attackers, and many others.  These threats exist at some level for all healthcare organizations.

 

As with the flu scenario below with the college athlete or the elderly person, the impact of these threats to your organization depends on the ability of the threat to exploit existing vulnerabilities.

Medical and Cyber Perspective

Covid 19

1

Vulnerabilities

Medical View

  • Weak immune system

  • no flu shot

  • lack of hand washing

Cyber Security View

  • No endpoint protection & ongoing monitoring

  • Out-dated software

  • No risk awareness

  • Weak cloud-service environments

2

Impact

Medical View

  • Patient is stricken with a case of the flu

Cyber Security View

  • Ransomware attack succeeds

  • Protected Health Information (PHI) is accessed by unauthorized 3rd parties

  • Public disclosure of PHI diminishes patient trust

3

Practices

Medical View

  • Receive a flu shot

  • wash hands frequently

  • use hand sanitizer frequently

Cyber Security View

A HIPAA Compliance Champion Your Side

The RESOLUTE:infrastructure component of our fully-managed cyber risk mitigation service addresses the prevention, detection, remediation, and reporting requirements covered by HIPAA Security Rule and HITECH when configured in close coordination with an organization.

 

Addressing cyber risk in the health care sector requires a holistic approach.  We can assist your organization elevate its cyber risk mitigation efforts and be better prepared against tomorrow's cyber threat in the health care sector.

Furthermore, it aligns with HIPAA’s Administrative Safeguards Requirements §164.308(a)(1), §164.308(a)(5)(ii)(B), and 164.308(a)(6)(ii) for security violations and incidents, and malware protection.
 

A COMPLIANCE CHAMPION FOR
HIPAA ADMINISTRATIVE SAFEGUARDS §164.308

Satisfying HIPAA Requirements

bottom of page