The Cyber Attack No One Can Survive Alone | Executive Interview with Josh Howell

The interview spotlights Rubric’s partnership with the American Hospital Association (AHA), earned after an unusually stringent vetting that involved legal negotiations, reference checks, and a review of Rubric’s data‑protection portfolio. The discussion frames cyber‑resilience as a multi‑disciplinary challenge, emphasizing that ransomware recovery hinges on legal, public‑relations, clinical, and IT teams working in lockstep, rather than merely restoring data. Key insights include a predictable 30‑35‑day ransomware timeline versus traditional IT outages of a few days, the critical role of automation in restoring identity controls and core applications, and the necessity of a zero‑trust, secure‑by‑design architecture that isolates recovery tools from compromised admin privileges. The speakers cite John Regi’s alarming board presentation that spurred AHA’s involvement, the industry’s largest IT outage, and a 24‑month, $18 million IR build‑out as concrete examples. Notable quotes underscore the shift from “what do we restore?” to “did the backup survive?” and illustrate how attackers who seize the identity control plane can weaponize an organization’s own tools. The Mandant report’s graphic scenarios of domain‑admin takeover reinforce the argument for multi‑admin authorization and immutable, clean‑room recovery environments. The takeaway for healthcare leaders is clear: begin by verifying backup survivability, then incrementally construct an incident‑response framework using affordable, automated components. This iterative, practice‑driven approach delivers measurable risk reduction now while scaling toward a fully zero‑trust, resilient infrastructure.