Hospital Pays $55K Ransomware Demand DESPITE Having Backups

This article is a great example of needing to understand both your RPO (recovery point objective) AND your RTO (recovery time objective).  In the event of a system outage or a ransomware attack, having your data is only half the battle.  You also need the ability to restore that data in a timely manner.  Timely in this this situation is defined as the ability to restore data quickly enough as to not impact business functions.  The hospital in this article had the data they needed in their backups, but could not restore the data quickly enough.  The data had no practical value, so the ransom had to be paid to keep the hospital open.

Backup/Recovery and Disaster Recovery plans need to take into account both RPO and RTO and these goals need to be verified and tested on a regular basis.  Testing gives the peace of mind an organization needs and wants when an attack occurs.

https://blog.knowbe4.com/hospital-pays-55k-ransomware-demand-despite-having-backups

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s