Dissecting the CrowdStrike Failure Event: Assuring Readiness for the Inevitable Failure of Complex Systems
November 21 | 12:00 pm – 1:00 pm
The CrowdStrike Failure Event on July 19, 2024, rendered approximately 8.5 million Windows computers across the world unusable, including 45,000 devices across the Mass General Brigham system. While ambulatory visits and non-essential surgical procedures were cancelled on the first day, Mass General Brigham was back to full operational capacity within 24 hours. It is undeniable that unplanned outages of information systems, whether from cyberattacks or technical malfunctions, will continue to occur and that the consequences of these failures will be felt by patients unless appropriate mitigation and continuity measures are in place.
In this discussion, we will review the successes and opportunities for improvement identified in MGH’s response to the CrowdStrike incident. We will also discuss how healthcare systems can adopt best practices in cybersecurity preparedness, disaster recovery planning, emergency management planning, and business continuity planning to embrace resilience and to reduce the overall impact of future disruptions when complex systems inevitably fail.
Take-aways:
• Understand how trends in healthcare IT systems are increasing vulnerabilities.
• Analyze digital downtime events through the lenses of patient safety and operational continuity.
• Identify critical opportunities for healthcare systems to collaborate among digital, information security, and emergency preparedness leaders to mitigate vulnerabilities and optimize response to downtime events.