HHS Cybersecurity Task Force makes 3 key resources available

CHICAGO – At the HIMSS23 Healthcare Cybersecurity Forum on Monday, a leader with the Cybersecurity and Infrastructure Security Agency cited some sobering statistics, noting an 86% increase in cyberattacks against hospitals since 2021, with healthcare reporting more such incidents than any other industry.

In response to these escalating threats, the U.S. Department of Health and Human Services on Monday made available a trio of new reports and resources to help providers and public health agencies manage the challenges posed by bad actors whose frequent exploits are only growing in sophistication and severity.

The HHS 405(d) Program, in collaboration with the Health Sector Coordinating Council Cybersecurity Working Group, announced three new tools today.

Knowledge on Demand

This online educational platform offers healthcare organizations free cybersecurity training – the first time HHS has offered such services to the health sector workforce.

This platform offers awareness trainings on five cybersecurity topics:

  • social engineering.

  • ransomware.

  • loss or theft of equipment or data.

  • insider accidental or malicious data loss.

  • attacks against network connected medical devices.

The lessons – videos, PowerPoints and more – can be accessed and launched directly from the 405(d) website.

“Cyberattacks are one of the biggest threats facing our healthcare system today, and the best defense is prevention,” said HHS Deputy Secretary Andrea Palm in a statement.

“These trainings will serve as an asset to any sized organization looking to train staff in basic cybersecurity awareness and are offered free of charge, ensuring that those hospitals and health care organizations most vulnerable to attack can take steps toward resilience. This is part of HHS’s continued commitment to working with hospitals, Congress, and industry leaders in protecting America’s patients.”

Hospital Cyber Resiliency Landscape Analysis

This new 55-page survey (PDF) of the healthcare cybersecurity landscape is meant to benchmark participating hospitals against standard cybersecurity guidelines, such as HICP 2023 and the NIST Cybersecurity Framework.

The survey uses HICP 2023 as a lens through which to give an overview of how health systems are managing common cybersecurity threats, tracking data from hundreds of hospitals of various types and geographies, to spotlight existing best practices and new opportunities for improved resilience.

“The Hospital Cyber Resiliency Initiative Landscape Analysis greatly furthers our understanding of hospital cyber resiliency and provides us with a platform to begin working through potential policy considerations and minimum standards to better support cybersecurity in U.S. hospitals,” said Palm. 

She added: “We look forward to working with hospitals, Congress, and the information security community as we look to improve cyber resiliency and protect patient safety and wellbeing.” said Deputy Secretary Andrea Palm.

Health Industry Cybersecurity Practices, 2023 Edition

Healthcare IT News has reported often on HICP, touted as a cyber preparedness “cookbook” to help cash-strapped health systems, among other imperatives, prioritize and target their cybersecurity resources and get the most bang for their infosec investments.

The new 2023 Edition of HICP has been updated by more than 150 industry and federal professionals to include the most relevant and cost-effective ways to keep patients safe and mitigate the current cybersecurity threats that the HPH sector faces. 

The new edition includes a deep dive on social engineering attacks, labeling them as one of the biggest threats facing the healthcare industry today. 

“Staying current and responsive to evolving cyber threats is critical to protecting patient safety. HICP 2023 is the updated version that our industry needs to make sure they are applying scarce resources to the highest threat,” said Erik Decker, chief information security officer of Intermountain Health and chair of the Health Sector Coordinating Council Cybersecurity Working Group, in a press statement. 

“This will give the most underserved hospitals the best return on investment for cyber investment,” he said.

At the Healthcare Cybersecurity Forum on Monday, Decker offered a bit more insight about the HICP updates, and what the Hospital Cyber Resiliency Landscape Analysis shows about the state of health information security.

The landscape analysis was meant to be “as objective of review as we possibly could do,” he said. And it was taken very much from an adversarial mindset: How are we getting beat as hospitals? And then we can understand how we’re getting beat. And what does the resiliency side of this look like?

“We used HICP as the basis of the whole framework on how we would evaluate the resiliency itself and then found certain practices to be in urgent need of assistance and some practices to be generally OK or just needing some additional research,” he added.

Among many telling observations in the survey, “we saw statistically significant correlation between ownership of the program,” said Decker.

He explained: “If the CISO actually owns the program, you get better pickup coverage, which one would hope that that would be the case. But there’s a lot of CISOs that actually don’t own the full breadth of the cybersecurity program.”

Another finding that “was great to hear and see,” he said, “is that if you have good HICP coverage, [that] has a correlation to [good] NIST cybersecurity coverage. You would think that that would be the case: As you get better at HICP you’re going to get intrinsically better at the Cybersecurity Framework itself, because the framework describes this whole program.

“With those two things,” Decker added, “effectively, what we’re seeing then is when you put more ownership with the CISO you’re going to get better resiliency, you’re going to get better outcomes.”

Mike Miliard is executive editor of Healthcare IT News
Email the writer: mi**********@********ia.com

Healthcare IT News is a HIMSS publication.

Read More
Johnathon Fetzer

Latest

Will Bitcoin Boom in 2026? Keeping Cryptocurrency Players Informed

By NFTevening March 6, 2026 Bitcoin has served to define the cryptocurrency community since its initial launch in 2009. While representing nothing more than an interesting investment opportunity at one time, this stablecoin has since become extremely popular throughout the online gaming community as an alternative payment method. However, even Bitcoin is not immune to

At climate summit, African leaders call for a bigger role in energy transition

African leaders called for regional cooperation and more climate investments, as the second Africa Climate Summit opened this Monday in Addis Ababa. Heads of state urged the continent to play a bigger role in the transition to a cleaner global economy. Speaking at the opening event, Ethiopian Prime Minister Abiy Ahmed said it's time to

USA Cruise, Morocco Take Control, Brazil Advance On World Cup Day 9

```html id="s7wthc" ``` By Newspot Nigeria Sports Desk Day Nine of the 2026 FIFA World Cup brought four more group-stage matches and a clear theme across the schedule: teams that needed control went out and took it. The United States defeated Australia 2-0 to book a place in the next round, Morocco edged Scotland to

Cancer: Nigeria empowers patients with N50m lifetime

….As 200 beneficiaries get N100.000 each  AKOR SYLVESTER, Abuja The federal government has unveiled a N50 million Social Determinants of Health (SDoH) Fund to support cancer patients to enable them to meet the challenges of transportation, accommodation, feeding and other non-medical issues. The Minister of State for Health and Social Welfare, Iziaq Adekunle Salako, who

Newsletter

Don't miss

Will Bitcoin Boom in 2026? Keeping Cryptocurrency Players Informed

By NFTevening March 6, 2026 Bitcoin has served to define the cryptocurrency community since its initial launch in 2009. While representing nothing more than an interesting investment opportunity at one time, this stablecoin has since become extremely popular throughout the online gaming community as an alternative payment method. However, even Bitcoin is not immune to

At climate summit, African leaders call for a bigger role in energy transition

African leaders called for regional cooperation and more climate investments, as the second Africa Climate Summit opened this Monday in Addis Ababa. Heads of state urged the continent to play a bigger role in the transition to a cleaner global economy. Speaking at the opening event, Ethiopian Prime Minister Abiy Ahmed said it's time to

USA Cruise, Morocco Take Control, Brazil Advance On World Cup Day 9

```html id="s7wthc" ``` By Newspot Nigeria Sports Desk Day Nine of the 2026 FIFA World Cup brought four more group-stage matches and a clear theme across the schedule: teams that needed control went out and took it. The United States defeated Australia 2-0 to book a place in the next round, Morocco edged Scotland to

Cancer: Nigeria empowers patients with N50m lifetime

….As 200 beneficiaries get N100.000 each  AKOR SYLVESTER, Abuja The federal government has unveiled a N50 million Social Determinants of Health (SDoH) Fund to support cancer patients to enable them to meet the challenges of transportation, accommodation, feeding and other non-medical issues. The Minister of State for Health and Social Welfare, Iziaq Adekunle Salako, who

A befitting garland for UBA GMD, Alawuba @ 60

THOMAS IMONIKHE 08051000465 There is no iota of doubt that the Group Managing Director (GMD) of United Bank for Africa Plc and Chairman Body of Banks’ CEOs, Oliver Chukwudum Alawuba, an astute banker and one of Nigeria’s top corporate business leaders, who clocks three scores Saturday June 20, has made tremendous impact in the nation’s

Business seminar in Munich highlights Hong Kong’s strategic roles amidst global shifts (with photos)

Business seminar in Munich highlights Hong Kong's strategic roles amidst global shifts (with photos) ******************************************************************************************      The Hong Kong Economic and Trade Office, Berlin (HKETO Berlin), promoted Hong Kong's unique advantages and strategic roles at the seminar "Hong Kong's strategic role amidst geopolitical tensions" on June 18 (Munich time) in Munich, Germany.             Senior executives, investors

AI for business services: From job fears to productivity

AI for business services: From job fears to productivity

Business Insurance-AZ Achieves Record Response Times for 2026 Arizona Construction Bids

Business Insurance-AZ achieves milestone response speeds for commercial construction bids across Arizona, accelerating documentation delivery to keep local projects moving forward without delay. Phoenix, AZ, June 06-2026, ZEX PR WIRE — Business Insurance-AZ has achieved record-breaking processing speeds and response times for commercial construction bids throughout Arizona, directly supporting the state’s massive infrastructure and advanced manufacturing boom