Addressing Cyber Security Risks – Are You Doing These Three Things?

Kopiha Nathan
Addressing Cyber Security Risks – Are You Doing These Three Things?

A cyberattack against a healthcare organization is not only disruptive, but it can also be devastating.

That’s why HIROC and its partners are committed to sharing knowledge across the healthcare community. Our goal is to raise awareness of the impacts and mitigate risks that may lead to cyberattacks.

In my role as HIROC’s Privacy and Compliance Officer, I connect with Subscribers across Canada to better understand their needs, provide guidance, and share case studies to support their risk posture.

In late November, I chaired the Cyber Security in Health Care forum, hosted by Spark Conferences. Thank you to the many healthcare leaders and governance professionals who attended and shared their stories. At the event, I also had the pleasure of leading a ransomware simulation, stay tuned for more on that in a future article.

For me, the lessons learned from the forum were invaluable – they are lessons that all of our Subscribers can benefit from. As such, below are my top takeaways from the day. These are three things that, at the very least, healthcare organizations should be doing to mitigate their risks. 

1. Conduct Phishing Exercises and Develop User Awareness

Phishing remains an important risk factor associated with a cyberattack. Most cyberattacks result from users clicking on a link or opening an attachment from a phishing email. Once clicked or opened, cybercriminals can deliver malware, ransomware, or steal credentials.

“The biggest vulnerability that all healthcare systems are facing is that the main vector for attack is people,” said Marc Toppings, Vice President and Chief Legal Officer at University Health Network (UHN) and speaker at the conference.

Many of us have been subjected to increased phishing attacks. To respond effectively, the adoption of a layered security approach is key. This includes focusing efforts on prevention, detection, and response strategies.

Most speakers at the conference stressed the importance of:

  • Training and educating all users
  • Conducting phishing tests
  • Ensuring organizations implement technical capabilities to detect and respond to compromised situations (e.g. internal or external security operations center)
  • Facilitating tabletop exercises and other simulation activities

2. Have a Backup and Recovery Strategy

An essential component of a cyber risk management program includes a robust IT backup and recovery strategy. This process must ensure that backups do not inadvertently download, or allow for the spread of viruses, malware or ransomware.

Speakers at the conference stressed the importance of defining an acceptable Recovery Time Objective (RTO) and investing in the appropriate solutions. An RTO is the time it takes organizations to restore data and systems to the acceptable service level after a breach.

“We’re seeing an uptick in folks having to be able to prove they have good mechanisms in place to be able to restore data,” said David Finley, Director of Information Assurance & Security at Dell Technologies, referring to the importance of developing and maintaining isolated backup systems.

Speakers also touched on the need to have an effective backup and recovery strategy comprising of at least two disaster recovery tests of full or partial systems per year.

3. Collaborate with Peer Organizations

Most healthcare organizations are under financial constraints, so a collaborative approach to handling cybersecurity operations is key in strengthening and supporting the community.

One speaker stressed the importance and benefits of partnering with peer organizations in a given region to find ways to share knowledge, and even resources. For example, creating a shared Chief Information Security Officer position or Security Operations Centre.

Subscribers are encouraged to reach out to HIROC for help in this area. We can facilitate a dialogue with peer organizations and provide resources in the event of a cyberattack.

Cyber risks affect us all. If we don’t share the good and the bad experiences, cybercriminals will always have the upper hand.

As your proactive safety partner, HIROC is at the ready to share knowledge, and scale lessons learned across the healthcare system. If your organization is looking for assistance in putting together a cyber breach tabletop exercise or developing educational resources for staff, please do not hesitate to reach out to us at

For more information on best practices, download HIROC’s Cyber Risk Management Guide, and Cyber Security Crisis Communications Guide.

Stay tuned for part two of this article as I walk through the details of the ransomware simulation from the Spark Conferences event.


Kopiha Nathan is HIROC’s Privacy and Compliance Officer. Reach out to her at