A ransomware incident which disrupted CommonSpirit’s operations last fall has reportedly cost the organization at least $150 million in lost revenue, remediation and additional expenses. In an interview with Information Security Media Group’s Healthcare Info Security, in light of this incident, Partner Peter Halprin discussed the financial toll that cyberattacks take on healthcare entities and how they can manage their risk.
“With large losses, it can take a lot of time for large organizations to quantify their losses. And, in tandem, the insurers may utilize their own accountants to determine what they view as the amount of loss,” Halprin said. “Cyber business interruption calculations are an emerging area of dispute.”
Halprin noted that insurance policies can include coverage for the professional fees incurred by such accountants as well as provide valuable bottom-line protection, but this is not automatic. “Healthcare entities should collaborate with their in-house professionals and outside risk experts to obtain responsive coverage, both when seeking to procure a policy as well as when an incident arises.”
Read the full interview here.