Skip to main content

Build The Team You Need: CFO Lessons From a Cyberattack

Analysis  |  By Marie DeFreitas  
   April 30, 2025

Collaboration and training are two ingredients for a successful cybersecurity strategy.

The Change Healthcare cyberattack caused more damage to the healthcare industry than any previous attack, and the industry is still recovering.

Laurie Beyer, CFO of Greater Baltimore Medical Center, remembers this chaos well.

“We were processing all of our hospital claims through Change Healthcare,” she says. “We had to immediately get clinicians, IT, legal, billing, and myself all together and see how we're going to turn this around because it was impacting cash.”

Beyer says teamwork played an important role in the health system’s recovery.

“We ended up quickly pivoting to another clearing house,” she adds. “That decision was made in collaboration with all the important parties. That wasn't something that I just did on my own.”

The situation was intense, but not totally unfamiliar to Beyer, GBMC had suffered a cyberattack just a few years earlier.

“We had a cyber attack at the end of 2020, so we were still in the pandemic, and we were down for a month,” she says.

This challenge required an intense amount of collaboration and teamwork, Beyer says. The collaborative process involved huddles with all key constituents and figuring out how the system would process payroll and conduct other financial services.

Adding to the intensity was the fact that GBMC didn’t have a chief operating officer, who had retired and wasn’t replaced. Out of necessity, Beyer stepped to the forefront and worked with her team and the health system’s vendors to get operations back online.

Then came the question of “how do we make ourselves safe?” Beyer says.

A contributing factor to GBMC’s 2020 cyberattack was out-dated equipment (also one of the causes of the Change Healthcare attack).

“It happened because we had old equipment that hadn't been updated, and the [hackers] could get in easily,” Beyer says. “So we had to update all the equipment, get it up to 2021 standards.”

“The other thing we did, we had everything on one network when we got attacked, so everything went down,” she says. “ Working together, we segmented the electronic medical record from the imaging system, etc., so  hat if we get attacked [again], it's not so devastating. That was a huge undertaking.”

With so many interdependent processes in healthcare, health systems that are able to immediately jump into smooth, familiar collaborations can make all the difference when a cyberattack occurs.

“I think we had one person in cybersecurity, so we had to bring on more resources and actually make homegrown people that we trained,” Beyer says.

Training staff was a large part of the process to building a team that could handle hectic events like cyberattacks, Beyer says. 

“We had to really build the team internally,” Beyer says.

Beyer says cybersecurity is a part of GBMC’s quarterly Audit Compliance Committee, illustrating the direct impact of collaboration between finance and IT.


“Our chief Information officer and cyber manager will present, and give a lay of the land first, then we’ll discuss how GBMC is doing, and how vulnerable we are against all of the scoring that is out there,” Beyer says.

Now, “we're actually in a pretty good spot,” Beyer says.

CFO Lessons Learned

Collaboration

CFOs don’t need to act as assistant CTO, but they do need to ensure they are on the same page. Ensuring all cyber security software and equipment is up-to-date can help curtail cyberattacks before they turn into massive financial challenges.

Training

Beyer says training and certifying staff helped ensure that the system was prepared if another cyberattack were to happen. This, along with close-knit teamwork, helped to ensure that IT operations ran smoothly, as well as ensuring the organization remained agile and could quickly make decisions and pivot when needed.

Marie DeFreitas is the CFO editor for HealthLeaders.


KEY TAKEAWAYS

The Change Healthcare cyberattack showed healthcare what can happen if outdated software isn’t kept current.

Laurie Beyer, CFO of Greater Baltimore Medical Center, shares what she learned when her organization had cyberattack in 2020.


Get the latest on healthcare leadership in your inbox.