Why Hospitals Must Rethink Cyber Resilience

Healthcare , Incident & Breach Response , Industry Specific Why Hospitals Must Rethink Cyber Resilience John Riggi of the AHA and Josh Howell of Rubrik on Improving Attack Recovery Marianne Kolbasuk McGee (HealthInfoSec) • May 11, 2026     22 Minutes    Credit Eligible Get Permission Audio Player 00:00 00:00 Use Up/Down Arrow keys to increase or decrease volume. Josh Howell, healthcare CTO, Rubrik; and John Riggi, national cyber and risk adviser, American Hospital Association Hospitals face relentless ransomware attacks that threaten patient safety and operations. More than ever, cyber teams need to strengthen their resilience, with clinical continuity, immutable secure backups and coordinated recovery as critical strategies in a rapidly evolving threat landscape, said John Riggi of the American Hospital Association and Josh Howell of Rubrik. "In this increasingly digitally complex, digitally interdependent ecosystem that healthcare operates in, there is no way for us to 100% prevent attacks and eliminate all the vulnerabilities which expose us to attacks," said Riggi, national advisor for cybersecurity and risk at the AHA. The AHA is partnering with security firm Rubrik, as well as various other organizations, such as non-profit health accreditation organization Joint Commission, to promote and enhance hospital resiliency awareness and readiness. A vital component of that resiliency is ensuring a robust, secure, immutable data backup strategy that not only supports system restoration and reduces extended outages, but also helps organizations avoid ransom payments, Riggi said. "Everything you can imagine, from destroying SQL databases, destroying the storage arrays, manipulating system time - there is extensive lists of things we've seen in nation-state actors attacks," said Howell, healthcare chief technology officer at Rubrik. "It is critically important, not just for patient care, but to make sure these health systems stay in business and continue to serve the populations that depend on them," he said. In the audio interview with ISMG (see audio link below photo), Riggi and Howell also discussed: The importance of coordinated incident response; The role of secure backups in recovering from damaging cyberattacks; How artificial intelligence is changing the threat landscape and resiliency for hospitals. Riggi leads cybersecurity and risk for the AHA, which has more than 5,000 U.S. member hospitals. He previously served in the FBI for 30 years in a variety of leadership roles, including representative to the White House Cyber Response Group. He also served as a senior representative to the CIA, working as the national operations manager for terrorist financing investigations. As Rubrik’s healthcare CTO, Howell partners with healthcare organizations to develop and implement cyber resilience strategies and business continuity plans. That includes implementing key lessons learned from major attacks into proactive preparation measures, helping organizations mitigate cybercrime and recover back quickly from cyberattacks.