Start Where You Are: Resilience in Healthcare Begins With Action

In this episode of Building Cyber Resilience: A Healthcare Leader’s Guide, Josh Howell, Healthcare CTO at Rubrik, sits down with Heather Costa, Director of Technology Resilience at Mayo Clinic and Vice President at WiCyS Healthcare. Heather breaks down what it takes to build real resilience inside complex healthcare systems where downtime carries human consequences. She shares practical frameworks for prioritization, overcoming analysis paralysis, and aligning leadership around what matters when every minute counts.

🎧 You’ll learn:
How to define a clear North Star for resilience strategy
How to prioritize using Oxygen Decisions and the Grandma Gate
Why action beats planning without movement
How to break analysis paralysis and start with what you already have
Why response and recovery are different disciplines
When good enough protects lives during crisis recovery
How organizational will drives success more than technology

YouTube Chapters:
[00:00] Welcome and Introduction to Heather Costa
[00:55] Blue-Sky Strategy: Defining the North Star
[03:18] Where Are We Today and Where Are We Going?
[06:38] Working Through Ambiguity and Taking Action
[09:29] What’s in the Box: Breaking Planning Paralysis
[12:00] Oxygen Decisions and the Grandma Gate Framework
[14:23] Battlefield Medicine and “Good Enough” Recovery
[16:38] Urgency, Patient Safety, and Real-World Stakes
[18:52] Organizational Will and Radical Transparency
[21:51] The Power of Data Paired With Human Storytelling
[25:02] Alternate Recovery Environment: The Hotel vs. the House
[27:04] Why Resilience Has No Finish Line
[27:36] Final Takeaways and Closing

👉 You can explore the resilience framework discussed in this episode and access the supporting asset here : https://www.rubrik.com/lp/white-papers/building-cyber-resilience-a-healthcare-leaders-guide.

If you enjoyed this episode, be sure to subscribe to our YouTube channel.