Ensuring the safety of our information technology infrastructure is an important aspect of daily operations around Johns Hopkins. But what if a cyberattack happens? Darren Lacey, the chief information security officer and director of IT compliance for Johns Hopkins University and Johns Hopkins Medicine, says that his staff investigates 20 to 30 incidents a day. To keep our network safe, he says, his team constantly tests our environment to determine vulnerabilities.
In a continuing effort to prepare for such attacks, cybersecurity was the focus of a recent workshop hosted by the Johns Hopkins Medicine Office of Emergency Management and the Johns Hopkins Office of Critical Event Preparedness and Response.
The purpose of the workshop was to determine how to maintain patient care, infrastructure operations, and administrative functions if a cyberattack affects one or all organizations that are part of Johns Hopkins Medicine. Emergency planners and IT representatives were in attendance.
The Office of Emergency Management and CEPAR are in the process of reviewing draft procedures relating to potential cyberattacks. Emergency planners and IT specialists are also continuing to work with clinical informatics departments to develop simulation exercises so employees know the proper procedures to follow if such an event occurs. In addition, Johns Hopkins Medicine organizations and CEPAR will conduct exercises in the coming year designed to test hospital continuity of operations and response coordination resulting from a potential information technology failure.
Go to the CEPAR website for more stories from the Hopkins on Alert newsletter, where this article first appeared.