A major healthcare technology company, seeking to enhance its capability to respond to a cybersecurity incident, turned to Bryghtpath to develop and streamline its cybersecurity (data breach) incident response process within a dedicated plan aligned to its enterprise process.
The Opportunity
As a healthcare technology company, cybersecurity incidents and technology disruptions are a primary concern throughout the organization. In addition, the company had just gone through an internal transformation that changed responsibility and reporting structures, as well as changes to its legal and regulatory compliance obligations.
These concerns and operating changes led the Chief Compliance Officer to retain Bryghtpath to develop a new comprehensive cybersecurity incident response plan that aligned to the company’s enterprise crisis management plan.
Approach and Results
We began the effort with a kickoff meeting with the company’s physical and cybersecurity leaders. During the discovery phase, we reviewed existing documentation, including the then-current cybersecurity response plans and capabilities, as well as the company’s enterprise crisis management framework. Given our familiarity and long relationship with the company, we drafted an initial version of the revised plan that allowed for immediate reaction by stakeholders.
We then worked directly with the various partners to craft specific, actionable checklists for their areas of responsibility. These checklists outlined clearly the roles, responsibilities, and interdependencies for each team during a response.
We also worked with internal teams to clearly define engagement requirements and interactions with external resources, such as outside counsel, public relations firms, and other third-party providers.
After the plan revisions were completed, we facilitated a successful informal plan walkthrough exercise to both socialize the revised process and practice the fundamental procedures established within the plan.
Later, a ransomware exercise was held to practice the plan and capture lessons learned in a multi-day complex crisis simulation.
Key Activities
- 20 interviews
- Review of current crisis response plans
- Review of cyber/information security response materials
- Review of crisis communications plans and messaging
- 15 individual ideation sessions to develop role/team specific checklists
Outcomes
- Comprehensive, actionable response plan covering a number of cybersecurity/data incident scenarios, including insider threat and ransomware response
- Full integration with existing enterprise crisis management framework
- Incorporation of new resources – checklists and external engagement procedures
Download a PDF copy of this case study
We can help.
Let the experts at Bryghtpath put their decades of experience to work for your organization
Our team has the experience, tools, and partnerships to help your organization successfully navigate the rough waters ahead – and ensure your organization is prepared.