AHA and Rubrik Urge Shift Toward Cyber Resilience in Healthcare
The American Hospital Association and Rubrik are calling for a shift in healthcare cybersecurity strategy, emphasizing that hospitals must prioritize immutable backups and rapid recovery over the unattainable goal of total attack prevention.

The American Hospital Association (AHA) and security firm Rubrik are urging healthcare organizations to shift their focus toward cyber resilience, emphasizing that total prevention of cyberattacks is no longer a realistic goal in today's complex digital landscape (GovInfoSecurity). As ransomware threats continue to jeopardize patient safety and operational continuity, experts argue that hospitals must prioritize robust recovery strategies over the impossible task of eliminating every vulnerability.
John Riggi, the AHA’s national advisor for cybersecurity and risk, and Josh Howell, Rubrik’s healthcare CTO, highlight that the healthcare sector operates within a highly interdependent ecosystem where vulnerabilities are inevitable. According to Riggi, who spent 30 years with the FBI, the current threat environment requires a fundamental change in how hospitals prepare for inevitable compromises. The AHA is currently collaborating with organizations like the Joint Commission to improve awareness and readiness across its more than 5,000 member hospitals (GovInfoSecurity).
The technical focus of this resilience strategy centers on the implementation of immutable, secure data backups. Howell warns that modern threat actors—including nation-state groups—employ sophisticated tactics designed specifically to cripple recovery efforts. These tactics include the destruction of SQL databases and storage arrays, as well as the manipulation of system time to bypass security controls. By maintaining immutable backups, healthcare providers can restore critical systems without succumbing to ransom demands (GovInfoSecurity).
Beyond technical backups, the experts emphasize the necessity of coordinated incident response and business continuity planning. Howell notes that these strategies are essential not only for maintaining patient care but for ensuring the long-term financial viability of health systems. The integration of these proactive measures is intended to help organizations recover quickly from attacks, even when traditional perimeter defenses fail (GovInfoSecurity).
The rise of artificial intelligence in the threat landscape further complicates the situation, necessitating more advanced defensive postures. As attackers leverage new technologies to increase the speed and scale of their campaigns, the AHA and its partners are pushing for a standardized approach to cyber resilience. This strategy aims to move healthcare organizations away from a reactive stance toward a model that assumes breach and prioritizes rapid, secure restoration of services (GovInfoSecurity).
This shift reflects a broader trend in critical infrastructure security, where the focus is moving from "perfect security" to "resilience by design." As hospitals continue to face relentless ransomware pressure, the ability to maintain clinical continuity during an outage is becoming a core component of patient safety standards. Future efforts will likely focus on refining these recovery frameworks to address the increasing complexity of hospital IT environments.