Healthcare organizations can learn from the current outage at Garmin about how not to respond during an IT security breach. Garmin connect service, a platform for Garmin's health and fitness trackers has been down for three days now.

This situation feels like the organization did not prepare ahead of time on a fundamental answer to a tough question. Do you pay the ransomware if an incident occurs? Organizations usually defer the answer to their cyber-insurance policy, or by the time a response is needed, the timing is too late.

A large academic medical center recently paid the ransom to have their data back quickly. Security professionals may not agree with the decision to settle. The organization had responded swiftly to recover operationally without impacting patient's lives.

Healthcare organizations must have ransomware payment discussion early to avoid system interruption for days. Key areas of focus for IT and security operations are:

• Understanding the cyber insurance policy.

• Testing backups regularly by actually restoring files.

• Increase the organization's investment in cybersecurity awareness and training.

• Business continuity is a team sport and priority for the organization.