Exec Questions Flashcards
Incident and Recovery Overview (6 cards)
How do we ensure this never happens again, specifically the MFA gap?
Mandatory MFA across all systems, no exceptions. Zero-trust architecture implementation with just-in-time access controls and biometric authentication.
What’s our legal exposure from the 100 million patient records compromised?
Ongoing litigation costs factored into $3B projection. Enhanced compliance documentation and regulatory adherence programs in place to minimize future exposure.
How long did it take us to detect vs. contain the breach?
9-day window from initial compromise to full containment. New AI-driven monitoring will reduce detection time to minutes, not days.
What was the business impact beyond the $1 billion cost?
Nationwide disruption to claims processing, pharmacy services. Some hospitals waited weeks for system restoration. Severe reputational damage requiring congressional testimony.
Why did we pay the $22 million ransom?
Critical to restore essential healthcare services quickly. Decision made to minimize patient care disruption while working on system recovery.
What systems are we rebuilding vs. restoring?
Complete rebuild of compromised infrastructure with enhanced security controls. Legacy systems being replaced with modern, secure alternatives.
