Half of ransomware victims who pay the ransom don’t get their data back: 5 things to know

Only about half of the organizations that suffered a ransomware attack in 2017 recovered their data after paying the ransom, according to a CyberEdge Group survey

The research and marketing firm spoke with nearly 1,200 IT security pros in 17 countries about their experiences with cyberattacks last year.

Here are five survey insights.

1. Seventy-seven percent of the organizations surveyed suffered a form of a cyberattack in 2017, which is down from 79 percent in 2016. This marks the first time in five years the percentage of organizations who were hit by a cyberattack declined.

2. Just over half (55 percent) of respondents fell victim to a ransomware infection in 2017, compared to 61 percent in 2016.

3. Of the organizations that suffered a ransomware attack, 38.7 percent of victims decided to pay the ransom demand. However, only 49.4 percent of those organizations actually recovered their data, as opposed to 86.9 percent of organizations that refused to pay the ransom and were able to recover their data.

4. Organizations ranked malware as their top concern, followed ransomware, phishing and credential abuse attack.

5. Cybersecurity-related budgets are expected to account for 12 percent of an organization’s overall IT spend in 2018, which represents a 4.7 percent growth year-over-year.

Click here to download the complete report.

Source: Half of ransomware victims who pay the ransom don’t get their data back: 5 things to know


CrowdCrypto Newsletter – Issue #12

Another great summary of Crypto news from Robin Sosnow (@RobinSosnowEsq). 

🇺🇸 USA Regulatory Spotlight: 

Cryptocurrency Spotlight:

Global Spotlight:

Events Spotlight: 

Equity Crowdfunding Spotlight:

Source: CrowdCrypto Newsletter – Issue #12

4 things I have held dear in life the simple principles:


Over the years in work or at home you gain mentors or people you listen to or look up to for advice. During these years the most impressive point was given to me by a friend and respected individual that I have held dear to this very day and are simple guiding principles at work and home.

4 things I have held dear in life the simple principles:

Humility – Someone else obligation, Before the opportunity

  • Humility or humbleness is a quality of being courteously respectful of others. It is the opposite of aggressiveness, arrogance, boastfulness, and vanity. Rather than, “Me first,” humility allows us to say, “No, you first, my friend.” Humility is the quality that lets us go more than halfway to meet the needs and demands of others.
  • The quality or condition of being humble; modest opinion or estimate off one’s own importance, rank, etc. 

Integrity – Do the right thing always

  • Firm adherence to a code of especially moral or artistic values
  • The quality of being honest and having strong moral principles; moral uprightness.
  • The condition of being unified, unimpaired, or sound in construction.

Respect – Hierarchy is not a proxy

  • A feeling of deep admiration for someone or something elicited by their abilities, qualities, or achievements.
  • Due regard for the feelings, wishes, or rights of others
  • Hierarchy is not a proxy for the interactions between one another Hierarchy is just a method of getting what needs to be done, done. Everyone is equal everyone has some in Hierarchy above them, next to them and below them, we should never ever forget this at home or at work.

Conviction – Honorable Intentions and Belief

  • fixed or firm belief the act of convincing a person by argument or evidence.

If you keep these things dear to your heart and wear them on your sleeve, the results can be surprising, when you compromise on any you compromise on all of them and you tumble down the slippery slope.

A lot of people say they have principles, and they might be able to rattle off some thoughts and points, but it’s more what they action and actually what they do which is more important. Not just the talk but the action speak larger than the words its what can bind you together or show how far apart you might be.

Teams, individuals, and your family need to be able to do amazing things each and everything minute of the day. Having these 4 principles, it has given me a baseline to reference against.


Cerner to showcase Apple collaboration at HIMSS18, president Zane Burke says 

The EHR maker will also be featuring innovations in longitudinal health records, cloud services, machine learning and more to help customers manage value-based contracting.

“We’ll showcase our collaboration with Apple to make health records available at your fingertips in the Apple Health app,” said Cerner President Zane Burke.

HIMSS18 will be a pivotal one for Cerner in many ways. It’s the first with new CEO Brent Shafer, who has big shoes to fill as the first outside hire to lead the company since founder and longtime CEO Neal Patterson passed away last summer.

And it comes as the company has arguably more big projects on its to-do list than ever, including the massive ongoing MHS Genesis project for the U.S. Department of Defense and the upcoming contract with the Department of Veterans Affairs – to its continuing innovation on any number of fronts, from consumerism to the cloud, interoperability to artificial intelligence.

“Recently, Cerner and Apple worked together to make personal health information accessible on a consumer platform, and we’re working with a range of partners and clients to turn up the heat on the conversation about interoperability,” Cerner President Zane Burke said. “We’ll showcase our collaboration with Apple to make health records available at your fingertips in the Apple Health app.”

Burke added that Cerner will also be offering a look at virtual health solutions that empower individuals to manage their health via telemedicine and remote monitoring technologies as well as intelligent solutions for hospitals as they adjust to rising costs and value-based care.

“We’re at a pivot point with the digitization of health information, and we are redefining the idea of ‘care.’” Burke said. “We’re moving from managing patient encounters to providing for the well-being of populations.”

Cerner is particularly focused on the growing clout of the healthcare consumer and is committed to activating and engaging patients to be more proactive in their own health. Central to this work is the agility and speed offered by cloud technology, and Burke said Cerner continues to work with leading companies in industries other than healthcare to build on its own cloud-based offerings.

Cerner’s founding membership in the CommonWell Health Alliance – which was first announced five years ago at HIMSS13 – is one way to help innovate on the interoperability front, he said, and the company is committed to the co-creation of an open platform for innovation by leveraging FHIR standards through its work with the Argonaut Project.

More fluid data exchange, particularly with the DoD, was a major driver for the contract Cerner was awarded for the VA’s new EHR this past June, of course. Although the contract is currently on pause while MITRE does an independent assessment of its specifications, Burke said the VA project ultimately will “not only create seamless care for our nation’s veterans, it will also fundamentally change interoperability in the commercial healthcare space — something we are very excited about.”

Population health management is another imperative in the era of value-based reimbursement, and it’s another area “where Cerner continues to grow,” he said. “Providers need data that is actionable at an individual and community level to improve care. Cerner is uniquely positioned, through our cloud-based platform HealtheIntent, to pull all those data points together, aggregate and normalize the data and feed it back into the workflow for clinicians to act on.”

And analytics to help mine that data for the most useful insights are fast-evolving too – largely driven by lightning-fast advances in artificial intelligence and machine learning, which “remain a key focus for Cerner,” said Burke.

He pointed to early efforts such as the Cerner HealtheDataLab technology, which offers a secure environment where researchers and data scientists can “query de-identified data, extract and transform data sets in research-ready formats, build complex models and algorithms and validate findings in a single elastic environment.”

Cerner is in Booth 1832.

Source: Cerner to showcase Apple collaboration at HIMSS18, president Zane Burke says | Healthcare IT News


Mastering Data Sovereignty – CIO Journal

Amid ongoing concerns over data privacy, ownership, and governance, technology leaders are playing a critical role in making data broadly available throughout the enterprise, while also ensuring compliance with an array of differing data regulations around the globe.

CIOs can take advantage of a holistic data management approach and new cognitive capabilities to increase data accessibility and control.

As data grows in complexity and importance, IT leaders are entering a new era of data management. There is increasing demand to make data freely accessible, understandable, and actionable across business units, departments, and geographies to enable digital transformation efforts. At the same time, many global companies are under pressure to comply with varying country-specific rules about what data may be shared within or beyond geographic borders.

The good news is that CIOs can take advantage of new data management techniques and tools to strike the right balance between accessibility and control. Now is an opportune time for IT leaders, working in partnership with their business peers, to develop an “enterprise data sovereignty” road map to facilitate understanding of data relationships, guide data storage, and manage data rights. And by employing new cognitive capabilities, they can automate aspects of data management, redesign data architecture, and elevate data stewardship.

A holistic approach to data architecture and management can help improve the performance of this business-critical asset, helping to foster innovation and growth. It can also serve as a platform for helping organizations comply with existing and expected national data sovereignty rules around the world.

Data Wants to Be Free

There is no question that the ability to strategically manage ever-growing stores of data will be a competitive advantage in the digital age. In many companies, data collection, access, and management remain siloed by department, business unit, or geography. However, as companies seek to digitally transform, data must be more freely accessible throughout organizations for companies to realize their full potential.

Historically, few companies have been able to master data management—even when much of that data was structured and stored in tables or basic systems. As data has grown in volume and variety, those challenges have multiplied. With many organizations doubling their data every two years, short-term strategies for data computing and storage can quickly become obsolete. New data management architectures and strategies are likely needed to accommodate the big data explosion.

That’s where enterprise data sovereignty comes in: It’s a way for IT and business leaders to develop a holistic data management strategy for the organization, with the goal of making data available, consistent, and controlled throughout the company. CIOs who take this approach know where data is stored; who has access to it; and how or whether it moves beyond business unit, geographic, or company boundaries.

Over the next 18 to 24 months, more companies will likely begin modernizing their data management in this way, working to increase data discipline and availability. Viewing data through the lens of enterprise data sovereignty can help companies solve challenges related to architecture, global regulatory compliance, and data ownership.

Whose Data Is It Anyway?

One of the first issues IT and business leaders confront in developing an enterprise data sovereignty plan is data ownership. In the past, IT owned the systems and, therefore, the data. That’s not necessarily the case anymore.

Going forward, the question of data ownership will be answered differently in different companies. There will be no one-size-fits-all approach. Many organizations will employ a data steward focused primarily on data quality and uniformity. Some organizations are hiring chief data officers, but their focus is less on managing data than on illuminating and curating the insights the data yields. In many companies, there may be no de facto owner at all. In any case, the most important decisions may concern not who owns the data, but rather what principles govern data management and access and how those rules are operationalized.

Organizations that are beginning to master enterprise data sovereignty share some common success factors. First, they bring together key stakeholders to determine goals for data quality, uniformity, collection, storage, and aggregation. They also have a data management function, owned and led by the business, that enforces decisions about management, governance, and consumption. This hybrid approach—having some level of centralization to enforce decisions made by a cross-functional stakeholder group—is typically the most effective way to operationalize enterprise data sovereignty.

Data Architectures for the Future

Creating a modern data architecture is challenging for most organizations. Even for those with a track record of success, traditional master data management, data quality, and data governance processes may fail to keep pace with data flowing in from new places in different formats.

IT leaders who want to build a platform for enterprise data sovereignty consider not only how and where data is stored, but also the sourcing and provisioning of authoritative data, metadata management, master data management, information access and delivery, data security, and data-archiving capabilities.

Thankfully, today’s IT leaders can take advantage of advanced components to build their data management architectures. The following new cognitive capabilities can help organizations better manage data across its life cycle—from consumption to analysis:

  • Ingestion and signal-processing hubs can make sense of structured and unstructured data from public, social, private, and device sources.
  • Cognitive data stewards can help users understand new compliance requirements and augment human data stewards.
  • Data integrity and compliance engines work to enhance data quality and fill data gaps to help ensure data quality and integrity.
  • Dynamic data fabrics understand the interconnectivity of data and can maintain metadata and linkages as data moves through different systems.
  • Enterprise intelligent layers employ machine learning to illuminate deep data insights and help increase confidence in real-time analytics.

Maintaining Global Compliance

National data sovereignty rules, such as the much-anticipated General Data Protection Regulation in the European Union, are also an issue. While the cost of compliance with various regulatory requirements will be substantial, the price of noncompliance is likely to be even higher.

Taking an enterprise data sovereignty approach can help companies deal with the thorny issue of maintaining compliance with regulatory and privacy requirements that differ dramatically by nation. CIOs can also deploy technology solutions for global regulatory compliance. A sophisticated rules engine deployed directly into cloud servers can apply myriad rules to data dynamically to determine which stakeholders in specific jurisdictions are allowed access to what data. IT leaders can also segregate data into logical cloud instances by legal jurisdiction and deploy controls to limit cloud access to those data stores to users in each locale.

At a business level, it can also be valuable to shift the focus from managing and sharing data to managing and sharing insights. Insights, after all, can be transferred freely throughout a global organization even when data cannot.

Where to Begin

The Holy Grail for IT leaders is an enterprise data sovereignty strategy that can handle growing volumes of data in an agile, efficient, and controlled manner. The distance between today’s data management reality and that end state can seem daunting, but there are some actions IT leaders can take to move in the right direction:

  • Pay down data debt. Smart IT leaders can confront the extent of their existing data sprawl in order to understand the magnitude of the issues to be addressed.
  • Begin at the beginning. Many of a company’s data problems can be traced upstream to the information supply chain, where CIOs can focus their efforts to link, merge, route, and cleanse data.
  • Use metadata—and lots of it. Adding metadata to raw data at the point of ingestion is among the best ways to enhance data context.
  • Employ a cognitive data steward. Leveraging advanced AI technologies to assist human data stewards can free data professionals to focus on the bigger data sovereignty picture.


The enterprise data landscape is only becoming more complex, with new and increasingly unstructured data coming online every day and a dynamic global regulatory environment. That’s why forward-looking IT leaders are beginning their data modernizations efforts today.

—by Bill Briggs, principal and chief technology officer; Juan Tello, principal; and Ashish Verma, managing director, Deloitte Consulting LLP


Source: Mastering Data Sovereignty – CIO Journal – WSJ


More than 1,000 hospitals have closed in 35 years. Ezekiel Emanuel says that’s a good thing.

More than 1,000 hospitals have closed in 35 years. Ezekiel Emanuel says that’s a good thing.

In the past 35 years, hospitalizations have declined by more than 10% as more patients migrate to urgent-care centers, physicians’ offices, and at-home care—and the disappearance of hospitals is “inevitable and good,” Ezekiel Emanuel writes in a provocative op-ed for the New York Times.

Emanuel, a prominent physician and vice provost at the University of Pennsylvania, writes that U.S. hospitalizations reached their peak more than 35 years ago, in 1981. There are now fewer hospitalizations than in 1946.

Due to this decline, the number of hospitals has fallen as well, from 6,933 in 1981 to 5,534 this year.


Why hospitals are disappearing

One reason hospitals are disappearing, according to Emanuel, is that patients increasingly view hospitals as potentially dangerous places to be—”less therapeutic,” he writes, “and more life-threatening.”

In 2002, there were 1.7 million cases of hospital-acquired infections, resulting in nearly 100,000 deaths, according to CDC research. Plus, hospitalizations create risks of medical errors and falls—and constant interruptions in the middle of the night “are not conducive to recovery,” Emanuel writes.

Further, providers increasingly can provide complex care outside of the hospital, Emanuel writes. For example, anti-nausea medications and new forms of treatment mean that many cancer patients no longer have to receive their chemotherapy at hospitals. Similarly, hip and knee replacements are often performed at ambulatory surgical centers rather than at the hospital. Births frequently happen either at home or at birthing centers.

These trends will continue, Emanuel contends, and as they do, more hospitals will downsize, merge, close, or turn into doctors’ offices or outpatient clinics. The hospitals that remain, he writes, will focus on their ED, complex procedures like organ transplantation or brain surgery, and similarly urgent and high-complexity services.

Emanuel’s provocative argument about how hospitals will respond

Emanuel writes that, while he believes the shift away from hospitals will benefit patients, special interest groups within the hospital business may find it threatening. As such, he argues that hospitals are likely to lobby for higher payments from the government and insurers “to retain the ‘good’ jobs hospitals offer.”

But Emanuel argues that “the shift of medical services out of hospitals will create other good jobs—for home nurses, community health care workers and staff at outpatient centers.”

Further, revenue pressures will lead even more hospitals to consolidate and merge into massive health systems. Emanuel writes that the hospitals will claim that these mergers will create cost savings for the consumer, but he argues that these “mergers create local monopolies that raise prices to counter the decreased revenue from fewer occupied beds.” Federal antitrust regulators, he argues, should oppose these mergers.

“Instead of trying to forestall the inevitable, we should welcome the advances that are making hospitals less important,” Emanuel writes. “Any change in the healthcare system that saves money and makes patients healthier deserves to be celebrated” (Emanuel, New York Times, 2/25).

Source: More than 1,000 hospitals have closed in 35 years. Ezekiel Emanuel says that’s a good thing. | Advisory Board Daily Briefing


Flex Expands Digital Health Capabilities, Launches BrightInsight Connected Health Solution on Google Cloud Platform

Advanced medical-grade managed services solution analyzes connected medical device data and therapies, delivering real-time insights within a regulatory-compliant environment

SAN JOSE, Calif., March 1, 2018 /PRNewswire/ — Flex (FLEX), the Sketch-to-Scale™ solutions provider that designs and builds intelligent products for a connected world, has expanded its service offerings for the healthcare industry with a new digital health offering. BrightInsight is a secure, managed services solution built on Google Cloud Platform that can aggregate data and deliver real-time insights to optimize the value of connected drug, device or combination products. The company made the announcement ahead of the annual Healthcare Information and Management Systems Society (HIMSS) conference, taking place March 5-9 in Las Vegas, Nevada.

The  McKinsey Global Institute estimates that applying big-data strategies to better inform healthcare-related decision making could generate up to $100 billion in value annually across the U.S. healthcare system. Medical devices today collect massive amounts of data, which creates enormous potential for a rapid feedback loop that can help improve patient care and enhance drug therapy delivery and management. In order to make an impact, the data needs to be aggregated from a myriad of apps and stand-alone devices, as well as analyzed to provide actionable insights. BrightInsight solves these challenges and helps patients and health care professionals, from physicians to medical device and pharmaceutical manufacturers, to better understand medical device usage and medication adherence, and streamline the product development and certification process.

“We saw the need for a secure cloud platform designed to support highly-regulated connected drug delivery and medical devices, going beyond simple connectivity to deliver real-time intelligence and actionable insights,” said Kal Patel, MD, senior vice president of Digital Health for Flex. “With our 20 years of experience operating in global regulated medical environments, and having deployed more than 75 regulated hardware and software medical products, Flex can combine our cross-industry capabilities to simplify our customers’ digital transformation.”

Flex is partnering with Google Cloud to deliver insights through customizable analytics dashboards fueled by Google Cloud’s advanced machine learning and artificial intelligence (AI) capabilities. Google Cloud Platform enables BrightInsight to securely store, analyze and gain insights from health information, without pharmaceutical and medical technology customers having to manage the underlying infrastructure. Advanced use cases for BrightInsight may include controlling connected devices, drug dosing, decision support, personalized patient interventions, trend analysis and AI-driven insights.

“Google Cloud is committed to leveraging our deep engineering expertise to accelerate innovation in digital healthcare,” said Gregory Moore, MD, PhD, vice president, Healthcare, Google Cloud. “With a partner like Flex, we will enable our customers to develop innovative solutions and leverage machine learning-based analytics that can turn new data sets from wearables, medical devices, therapies and apps into actionable information for patients and providers.”

BrightInsight is designed to support CE-marked and FDA-regulated Class I, II and III medical devices, combination products and Software as a Medical Device requirements, enabling automated interventions. Deployed as a managed service, the BrightInsight platform allows pharmaceutical and medical technology companies to accelerate their time to market, reduce the cost of implementation and maintenance across multiple products, and scale for global markets.

BrightInsight features foundational capabilities for rapid development and a modular platform architecture to support customization and worldwide implementation. It is built from the ground up to securely manage highly regulated medical device data and personal health information, and Flex has put the people, technology and processes in place to monitor security and threat prevention to meet global compliance standards.

BrightInsight eliminates regulatory bottlenecks that can lead to costly delays by offering turnkey regulatory design control and file management of master files with the FDA. This service enables pharmaceutical and medical technology companies to focus on their drug, device or combination product submissions without the burden of documenting the software platform.

Source: Flex Expands Digital Health Capabilities, Launches BrightInsight Connected Health Solution on Google Cloud Platform


Uber is driving patients to their doctors in a big grab for medical transit market – The Verge

Big money, and bigger pitfalls, await the ride-hailing giant

Uber announced the launch of a new digital tool meant to book rides for patients who need assistance getting to and from their appointments. A health care provider can book a ride for patients and caregivers immediately, within a few hours, or with 30 days’ notice. The company is positioning itself as a cheaper and more reliable option than most non-emergency medical transportation.

Uber Health is available in two versions: as an online dashboard and as an API for software developers to integrate ride-hailing capabilities into their own health care tools. The service doesn’t require an Uber account; notifications can arrive via SMS text message. The company plans to expand the service so that people with landlines will be able to get trip details that way — or via a mobile phone that isn’t a smartphone. Uber says the billing is simple and easy to manage. It’s also compliant with our most important medical privacy law. Today’s announcement includes over 100 health care providers all across the US.

The non-medical-emergency medical transportation market is worth more than $3 billion, according to the Transit Cooperative Research Program, a federally funded independent research entity. A lot of that money is for people who can’t drive — either because of age or poverty — and so Medicare and Medicaid providers foot the bill. Uber has clearly become interested in the industry. In 2016, Uber partnered with Boston-based company Circulation to provide rides for patients to more than 700 participating health facilities in 25 states. And last January, the company hired a veteran lobbyist in Washington, DC, to pursue the ride-hailing company’s agenda on policies related to health care and medical records privacy. It’s not the only ride-share company looking for a piece of this market: Lyft also teamed up with Circulation and with insurer CareMore Health Systems.

“If there are people who are missing their appointments because they’re using an unreliable bus service to get to and from their healthcare provider, this is a great solution for them,” Chris Weber, general manager of Uber Health, told The Verge. “The types of individuals this is valuable for really is limitless.”

An average of 3.6 million Americans miss their health care appointments every year because of unreliable transportation, according to JAMA Internal Medicine. Missed appointments can trigger a chain reaction of increased emergency room visits, extended hospital readmissions, and higher costs distributed across the industry. Experts estimate the impact of these missed appointments is $150 billion every year.

Uber Health is compliant with the US’s health care rules on data privacy, known as the Health Insurance Portability and Accountability Act, or HIPAA. “We built this service from the ground-up in a fully HIPAA-compliant technology stack,” Weber said. “It was architected from Day One. Everything we built from a technology perspective was built to fit within the constraints and best practices of HIPAA.”

And while being HIPAA-compliant is a good thing, it doesn’t necessarily get rid of all the risk. “Even if a platform is HIPAA-compliant, providers risk potential imposition of stiff penalties for data breaches, and business associate agreements should be implemented between providers and ridesharing companies,” legal consultants from Carlton Fields wrote in a 2016 note entitled “Offering Ridesharing Services to Patients: Uber Risky?”

Uber was hit by a cyberattack in 2016, exposing the personal information of 57 million riders and drivers. Later, the company was accused of trying to cover it up.

Uber also doesn’t have the best track record when it comes to wheelchair accessibility. The company was sued by disability advocates last year, accused of denying equal access to people who use wheelchairs and violating Title 3 of the Americans with Disabilities Act. Weber said, “It’s definitely something we’re focused on making a better, more reliable experience, but as of now this is really focused on reaching out to the existing driver network.”

Even as the ride-hailing company tightens its grip on all forms of transportation, don’t expect this to lead to Uber-branded ambulances in the near future. “Not on our road map,” Weber said.

Source: Uber is driving patients to their doctors in a big grab for medical transit market – The Verge