Healthcare is among the industries most vulnerable to cyberattacks. The healthcare industry incurs one of the highest financial costs, in the face of a cyberattack.
Proactive measures are needed to increase visibility of cyber risk issues within healthcare organizations and distribute cyber risk management to a responsibility across the firm. While the risks are real and have been recognized by the industry, many healthcare organizations have yet to set up and implement a holistic framework, governance, and adequate Board oversight.
This paper highlights some examples of best practices across industries in cyber risk management, and several key areas for healthcare organizations to start focusing on, such as preparedness, prevention, detection, response, and recovery, including the use of cyber risk insurance as a risk-transfer tool.
Authors
Kitty Lee
Principal, Health & Life Science Practice
Wolfram Hedrich
Executive Director, Marsh & McLennan Companies’ Asia Pacific Risk Center
Rachel Lam
Research Analyst, Marsh & McLennan Companies’ Asia Pacific Risk Center
Oliver Wyman Ideas App
