When Cyberattacks Happen
Ensuring the safety of our information technology infrastructure is an important aspect of daily operations around Johns Hopkins. But what if a cyberattack happens? According to Darren Lacey, the chief information security officer and director of IT compliance for The Johns Hopkins University and Johns Hopkins Medicine, his staff investigates 20 to 30 incidents a day. To keep our network safe, he says his team constantly tests our environment to determine vulnerabilities.
In a continued effort to prepare for cyberattacks, cyber security was the focus of a recent workshop hosted by the Johns Hopkins Medicine Office of Emergency Management and CEPAR. The purpose of the workshop was to determine how to maintain patient care, infrastructure operations and administrative functions if a cyberattack affects one or all organizations that are part of Johns Hopkins Medicine. Emergency planners and IT representatives were in attendance.
At the workshop, both emergency planners and IT representatives brought analyses summarizing strengths, weaknesses, opportunities and threats to identify best practices across Johns Hopkins Medicine and highlight the uniqueness of their operations in developing a tiered response based on the extent of the cyberattack. Representatives from Information Security also provided an orientation on how emergency planners and IT should respond to a potential attack, and when response and recovery procedures should be implemented to maintain business continuity and continue seeing new patients.
After the workshop, Howard Gwon, senior director of emergency management for Johns Hopkins Medicine, created a template to develop and standardize response procedures across Johns Hopkins Medicine and provided lessons learned from a recent cyberattack affecting MedStar Health. Gabe Kelen, M.D., director of CEPAR, reviewed and endorsed the template as a tool to develop policy.
The Office of Emergency Management and CEPAR are in the process of reviewing draft procedures relating to potential cyberattacks. Emergency planners and IT specialists are also continuing to work with clinical informatics departments to develop simulation exercises so employees know the proper procedures to follow if such an event occurs. In addition, Johns Hopkins Medicine organizations and CEPAR will conduct exercises in the coming year designed to test hospital continuity of operations and response coordination resulting from a potential information technology failure.