What happened
Rochester Regional Health (RRH) was awarded a $15 million cybersecurity grant by New York State under the Statewide Health Care Facility Transformation Program. The funding, announced by Governor Kathy Hochul, is earmarked for systemwide hardware and technology upgrades to safeguard patient data, strengthen clinical and operational systems, and improve resilience against rising cyber threats, including ransomware.
Who is affected
The grant will benefit RRH and its affiliated facilities across Western New York, including hospitals and outpatient locations that rely on shared IT infrastructure to deliver care. The investment is designed to protect patients, care teams, and operational systems throughout the health system.
Why CISOs should care
Healthcare remains among the most targeted sectors for cyberattacks, with incidents that can delay care delivery, compromise patient privacy, and divert critical resources. Strategic investments in cybersecurity infrastructure help harden systems that support life‑critical services and protect sensitive health information. This grant reflects government recognition of cyber risks in healthcare and underscores the need for proactive security planning.
3 Practical Actions for CISOs
- Benchmark with similar initiatives: Compare your organization’s cybersecurity strategy and investments with state‑backed programs like this to identify gaps and opportunities for funding or partnerships.
- Prioritize infrastructure upgrades: Focus on strengthening network segmentation, endpoint protection, and hardware lifecycle management to reduce attack surfaces, particularly for systems that support clinical operations.
- Engage leadership on cyber risk: Use cases like RRH’s grant to educate executives and board members on the operational impact of cyber threats and the value of sustained security investment.