Christopher R Dennis, Christopher S Evans, Kathleen Duckworth, Misty McLawhorn Skinner, John Hanna, Tanya Thompson, Donette Herring, Richard J Medford
{"title":"面对颠覆的弹性:对2024年7月CrowdStrike事件的看法。","authors":"Christopher R Dennis, Christopher S Evans, Kathleen Duckworth, Misty McLawhorn Skinner, John Hanna, Tanya Thompson, Donette Herring, Richard J Medford","doi":"10.2196/69958","DOIUrl":null,"url":null,"abstract":"<p><strong>Unlabelled: </strong>In an era where health care is increasingly dependent on digital infrastructure, the resilience of health IT systems has become a cornerstone of patient safety and operational continuity. As cyber threats grow in frequency and sophistication, health care organizations have turned to advanced cybersecurity tools to safeguard their systems. Yet even the most robust defenses can falter. On July 19, 2024, a routine update from a widely used cybersecurity platform triggered a widespread IT disruption. A flawed sensor configuration led to 8647 \"blue screen of death\" (BSOD) events, with 729 devices requiring manual remediation. What unfolded was not just a technical crisis but a test of organizational agility, collaboration, and resilience. This viewpoint traces the response to that disruption, highlighting the pivotal role of clinical informaticists and the coordinated efforts that enabled a rapid recovery. From the formation of an incident response team to the triage and mitigation of impacted systems, the response was swift and strategic. Clinical informaticists emerged as key players, bridging the gap between technical teams and frontline care providers. They identified workflow disruptions, facilitated communication, and ensured that patient care remained as uninterrupted as possible. Despite the scale of the outage, operations continued with minimal disruption-thanks to early recognition, decisive action, and cross-disciplinary collaboration. This incident underscored the importance of a well-practiced response plan, clear communication channels, and the integration of clinical expertise in technical recovery efforts. As we reflect on this event, several lessons emerge: the need for continuous refinement of incident response strategies, the value of regular training exercises, and the critical role of clinical informatics in navigating digital crises. This paper calls for a renewed commitment to building resilient health IT ecosystems-ones that can withstand disruption and continue to support the delivery of safe, effective care.</p>","PeriodicalId":56334,"journal":{"name":"JMIR Medical Informatics","volume":"13 ","pages":"e69958"},"PeriodicalIF":3.8000,"publicationDate":"2025-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC12404578/pdf/","citationCount":"0","resultStr":"{\"title\":\"Resilience in the Face of Disruption: Viewpoint on the CrowdStrike Incident in July 2024.\",\"authors\":\"Christopher R Dennis, Christopher S Evans, Kathleen Duckworth, Misty McLawhorn Skinner, John Hanna, Tanya Thompson, Donette Herring, Richard J Medford\",\"doi\":\"10.2196/69958\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p><strong>Unlabelled: </strong>In an era where health care is increasingly dependent on digital infrastructure, the resilience of health IT systems has become a cornerstone of patient safety and operational continuity. As cyber threats grow in frequency and sophistication, health care organizations have turned to advanced cybersecurity tools to safeguard their systems. Yet even the most robust defenses can falter. On July 19, 2024, a routine update from a widely used cybersecurity platform triggered a widespread IT disruption. A flawed sensor configuration led to 8647 \\\"blue screen of death\\\" (BSOD) events, with 729 devices requiring manual remediation. What unfolded was not just a technical crisis but a test of organizational agility, collaboration, and resilience. This viewpoint traces the response to that disruption, highlighting the pivotal role of clinical informaticists and the coordinated efforts that enabled a rapid recovery. From the formation of an incident response team to the triage and mitigation of impacted systems, the response was swift and strategic. Clinical informaticists emerged as key players, bridging the gap between technical teams and frontline care providers. They identified workflow disruptions, facilitated communication, and ensured that patient care remained as uninterrupted as possible. Despite the scale of the outage, operations continued with minimal disruption-thanks to early recognition, decisive action, and cross-disciplinary collaboration. This incident underscored the importance of a well-practiced response plan, clear communication channels, and the integration of clinical expertise in technical recovery efforts. As we reflect on this event, several lessons emerge: the need for continuous refinement of incident response strategies, the value of regular training exercises, and the critical role of clinical informatics in navigating digital crises. This paper calls for a renewed commitment to building resilient health IT ecosystems-ones that can withstand disruption and continue to support the delivery of safe, effective care.</p>\",\"PeriodicalId\":56334,\"journal\":{\"name\":\"JMIR Medical Informatics\",\"volume\":\"13 \",\"pages\":\"e69958\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2025-09-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC12404578/pdf/\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"JMIR Medical Informatics\",\"FirstCategoryId\":\"3\",\"ListUrlMain\":\"https://doi.org/10.2196/69958\",\"RegionNum\":3,\"RegionCategory\":\"医学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"MEDICAL INFORMATICS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"JMIR Medical Informatics","FirstCategoryId":"3","ListUrlMain":"https://doi.org/10.2196/69958","RegionNum":3,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"MEDICAL INFORMATICS","Score":null,"Total":0}
Resilience in the Face of Disruption: Viewpoint on the CrowdStrike Incident in July 2024.
Unlabelled: In an era where health care is increasingly dependent on digital infrastructure, the resilience of health IT systems has become a cornerstone of patient safety and operational continuity. As cyber threats grow in frequency and sophistication, health care organizations have turned to advanced cybersecurity tools to safeguard their systems. Yet even the most robust defenses can falter. On July 19, 2024, a routine update from a widely used cybersecurity platform triggered a widespread IT disruption. A flawed sensor configuration led to 8647 "blue screen of death" (BSOD) events, with 729 devices requiring manual remediation. What unfolded was not just a technical crisis but a test of organizational agility, collaboration, and resilience. This viewpoint traces the response to that disruption, highlighting the pivotal role of clinical informaticists and the coordinated efforts that enabled a rapid recovery. From the formation of an incident response team to the triage and mitigation of impacted systems, the response was swift and strategic. Clinical informaticists emerged as key players, bridging the gap between technical teams and frontline care providers. They identified workflow disruptions, facilitated communication, and ensured that patient care remained as uninterrupted as possible. Despite the scale of the outage, operations continued with minimal disruption-thanks to early recognition, decisive action, and cross-disciplinary collaboration. This incident underscored the importance of a well-practiced response plan, clear communication channels, and the integration of clinical expertise in technical recovery efforts. As we reflect on this event, several lessons emerge: the need for continuous refinement of incident response strategies, the value of regular training exercises, and the critical role of clinical informatics in navigating digital crises. This paper calls for a renewed commitment to building resilient health IT ecosystems-ones that can withstand disruption and continue to support the delivery of safe, effective care.
期刊介绍:
JMIR Medical Informatics (JMI, ISSN 2291-9694) is a top-rated, tier A journal which focuses on clinical informatics, big data in health and health care, decision support for health professionals, electronic health records, ehealth infrastructures and implementation. It has a focus on applied, translational research, with a broad readership including clinicians, CIOs, engineers, industry and health informatics professionals.
Published by JMIR Publications, publisher of the Journal of Medical Internet Research (JMIR), the leading eHealth/mHealth journal (Impact Factor 2016: 5.175), JMIR Med Inform has a slightly different scope (emphasizing more on applications for clinicians and health professionals rather than consumers/citizens, which is the focus of JMIR), publishes even faster, and also allows papers which are more technical or more formative than what would be published in the Journal of Medical Internet Research.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
