Alcyconie is one of the service providers selected by the GCS e-sante Bretagne to prepare and train healthcare establishments to deal with cyber crisis

Preparing and training healthcare institutions for cyber crisis

Due to the strong development of digital uses and the sensitivity of the data it processes, the healthcare sector has become, over the years, one of the main targets of cyberattackers. According to the ANS (Agence du Numérique en Santé), more than 730 attacks were recorded in 2021 against healthcare players, a trend that is strengthening in 2022 and 2023 with increasingly devastating and publicized cyberattacks.

The stakes concerning health establishments are significant for their own functioning but also for that of the nation and the health of its population. This is why the latter are designated “operators of vital importance” (OIVs).

As soon as they are designated as OIVs, healthcare establishments are subject to the regulatory framework of military programming laws, with IT security criteria that are higher than those incumbent on establishments designated as “essential service operators” (OSE).

While attacker groups have claimed in the past in their “ethical charter” that they would never hit healthcare facilities, this rule has really fallen by the wayside: “It is forbidden to put patients’ lives at risk, but it is perfectly permissible to steal data from a hospital,” says Lockbit, one of the most active groups in the ransomware sector

Faced with the increase in these cyberattacks and their critical dimension, the Ministry of Health and Prevention has sent an information note to the directors of the ARS (Regional Health Agencies) on the obligation of health establishments to carry out a crisis management exercise before the end of 2023.

Preparing healthcare institutions for cyberattacks and strengthening their cyber resilience

In order to further strengthen the preparedness of health establishments and enable them to meet the obligations announced by the government, the ANS (National Digital Health Agency) and the ARS (Regional Health Agencies) have decided to allocate a lump sum subsidy to structures that carry out a cyber crisis management exercise. This will cover part of the cost of the support of the expert service provider in cyber crisis management.

The ANS has also built cyber crisis management exercise kits to facilitate the organisation of exercises within health structures.

The realization of these exercises is one of the priority actions of the cyber reinforcement plan of the Ministry of Health and Prevention. Thus, the structures will be able to consider carrying out the exercises independently or opting for a delivery assisted by an external service provider.

These ready-to-use kits are intended to enable a healthcare structure to train in cyber crisis management in real conditions in order to acquire the right reflexes, strengthen its cyber resilience and ensure business continuity as well as possible.

To adapt to the different levels of maturity of healthcare establishments, these kits are available in three levels:

• Beginner’s kit : to discover cyber crisis management
• Intermediate kit : to work on coordination between two cells and refine the crisis management plan
• Advanced kit : to anchor reflexes and increase skills

In partnership with LEXFO (Security Incident Response Provider, certified PRIS by the ANSSI), Alcyconie has been selected along with three other groups of service providers by the GCS e-santé Bretagne to offer its expertise to healthcare establishments and medico-social establishments in the region for the purpose of preparing and training in cyber crisis management.

With a long-standing partnership, our teams and those of LEXFO have now developed effective synergies and share a common approach to support in cyber crisis.

Often associated with the imperatives of efficiency and urgency, the health and medico-social sector is an easy target for cybercriminals. This is why the entire sector is seeking to streamline its operations, in order to simplify the daily lives of caregivers and patients. It is in this context that the digital transformation of these establishments has developed, and therefore the digitization of their information flows.

Medical data is a lucrative commodity and its value has been increasing for several years. Hospitals store large amounts of sensitive data and need to be able to access their systems at all times.

Alcyconie’s expertise is based on crisis management consulting and platforms dedicated to the anticipation and management of cyber crisis. It will enable teams in healthcare institutions to train and organise themselves to respond to complex, sensitive or crisis situations and to improve their ability to anticipate and be resilient to cyber attacks.

Placing crisis management at the heart of healthcare institutions’ cyber resilience strategy

Preparing for a cyber crisis

In a context of increasing cyberattacks, particularly targeting healthcare institutions, it is essential for them to be resilient and to prepare to face a cyber crisis. Alcyconie acts and supports organizations in the healthcare sector at all stages of the crisis: before, during and after.

In order to deal with this type of event impacting the operation of a healthcare establishment, it is necessary to put in place a set of procedures and plans: crisis system, business continuity plan (BCP) and disaster recovery plan (DRP). These elements must be adapted to as many possible and realistic scenarios as possible. Alcyconie offers training and solutions in line with the crises that healthcare institutions face, depending on their environment and needs.

Training in cyber crisis management

Once the procedures have been defined and drafted, the best way to ensure that these documents do not gather dust is to apply them during a cyber crisis management exercise. Immersing the members of the crisis unit in a cyber crisis simulation is an opportunity to test and prove the existing systems and to confirm their suitability for the establishment. In a real crisis, the allocation of roles, the distribution of responsibilities, the development of relevant and transparent crisis communication as well as the acquisition of certain reflexes can prove decisive.

Alcyconie is positioning itself as a player in the service of health by offering to animate the ANS kits and strengthen their cyber resilience.

For institutions that consider themselves to be sufficiently “mature”, have already participated in a cyber crisis management exercise and wish to reach the next level, we offer tailor-made exercises aimed at diversifying the business dimensions. Our PIA® platform offers the possibility of fully immersing oneself in a scenario that is as close as possible to reality in a logic of increasing skills.

PIA® is a real secure playground, bringing together all the dimensions of a cyber crisis: media pressure, internal pressure, taking into account business, organizational and financial impacts, etc.

Cyber crisis management on the spot

Alcyconie has developed a tailor-made support method, structured around several key axes, as close as possible to the challenges of the players in the healthcare sector. Whether before, during or after the crisis, the Alcyconie team is also able to support and advise you during a security incident with its 24/7 on-call offer.

Our mission? We stand by your side to support you in the construction of your operational response, the definition of your crisis communication strategy and the strengthening of your crisis unit (PMO, management, language elements, etc.).