Te Watu Ora - Health NZ expects a full payout from its cyber security insurers as negotiations continue in the wake of the costly Waikato DHB attack.
The new agency, which took charge of the former DHBs on 1 July last year, was told in a handover document related to that process that forensic accounting firm Marsh Forensic had collated and passed on all supporting documentation received up to 31 March 2022 to the accountants and lawyers who were working on behalf of the insurers.
The claims made totalled $16.5 million.
"Some further work still needs to be done by the Marsh Forensic team on the accruals and adjustments, although Marsh note that given the overall value of the claim costs subject to assessment relative to the maximum policy claim cost, this extra reconciliation work is not an issue at this stage," the document said.
"We therefore continue to expect the cyber policy to be paid out up to its maximum limit (as the costs incurred from the cyber event exceeded the
Sonny Taite, Te Whatu Ora – Health New Zealand's national chief information security officer, told Reseller News last week the payout discussions remained ongoing and "commercially sensitive".
The handover document said the impact of the attack, a tough global market and the claims made meant cover for the 2022/23 financial year was challenging.
Premiums had increased from $0.4 million to $1.3 million year on year.
"Staff from the national data and digital team helped Marsh Insurance brokers to present the current cyber security status of DHBs, and took them through the Health Cyber Security Programme," the document said.
"It enabled DHBs to put their best foot forward and at least gives grounds for Chubb and AIG teams to put a case up for renewal."
"The cost-benefit trade-off for cyber and other forms of niche insurance is something Health NZ will need to monitor as well as recognising the possibility that claims can so dramatically increase future costs in a category that on a long-term view other forms of risk management may be preferable," the former DHB advised.
Meanwhile, Te Whatu Ora's three-year national Cyber Security Uplift (CSU) programme was launched in February 2022 with just over $75 million in funding.
Te Whatu Ora told Reseller News the programme was implementing a number of initiatives and technologies to increase cyber security capability across the new organisation including multiple Microsoft enhancements to help build cyber security capability.
These included increased protection against ransomware, phishing attempts, brute force attack and compromised accounts. The work was focused on rolling out to more than 110,000 devices across Te Whatu Ora and Te Aka Whai Ora.
A national Security Operations Centre (SOC) has also been created to manage and monitor our security environment.
The SOC was responsible for identifying, analysing, and responding to security incidents and threats by using a range of tools and technologies to detect and prevent cyber-attacks, including firewalls, intrusion detection systems and antivirus software.
Vulnerability management had also been beefed up, delivering a proactive approach to maintaining security of digital devices by regularly scanning and addressing potential vulnerabilities before they could be exploited.
"We have procured a new platform to support how we manage this within our organisations," the document said.
"This platform allows us to scan our IT infrastructure for potential security issues and get detailed reports on the vulnerabilities and risks that have been identified, which in turn helps us to prioritise those most critical issues that require addressing first."
Network security had also been boosted while staff had received awareness training to lift their knowledge and capability including the roll out of attack simulation tools.