{"id":640725,"date":"2023-04-23T20:05:29","date_gmt":"2023-04-24T01:05:29","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/04\/23\/hhs-cybersecurity-task-force-makes-3-key-resources-available\/"},"modified":"2023-04-23T20:05:29","modified_gmt":"2023-04-24T01:05:29","slug":"hhs-cybersecurity-task-force-makes-3-key-resources-available","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/04\/23\/hhs-cybersecurity-task-force-makes-3-key-resources-available\/","title":{"rendered":"HHS Cybersecurity Task Force makes 3 key resources available"},"content":{"rendered":"<div property=\"content:encoded\">\n<p><span id=\"docs-internal-guid-006ca50f-7fff-773f-88ad-0b90e5250443\">CHICAGO \u2013 At the HIMSS23 Healthcare Cybersecurity Forum on Monday, a leader with the Cybersecurity and Infrastructure Security Agency <\/span><a href=\"https:\/\/www.healthcareitnews.com\/news\/were-here-help-says-cisa-chief-ransomware-risks-proliferate\" target=\"_blank\" rel=\"noopener\">cited some sobering statistics<\/a>, noting an 86% increase in cyberattacks against hospitals since 2021, with healthcare reporting more such incidents than any other industry.<\/p>\n<p dir=\"ltr\">In response to these escalating threats, the U.S. Department of Health and Human Services on Monday made available a trio of new reports and resources to help providers and public health agencies manage the challenges posed by bad actors whose frequent exploits are only growing in sophistication and severity.<\/p>\n<p dir=\"ltr\">The HHS 405(d) Program, in collaboration with the Health Sector Coordinating Council Cybersecurity Working Group, announced three new tools today.<\/p>\n<h2 dir=\"ltr\">Knowledge on Demand<\/h2>\n<p dir=\"ltr\">This <a href=\"https:\/\/405d.hhs.gov\/knowledgeondemand\" target=\"_blank\" rel=\"noopener\">online educational platform<\/a> offers healthcare organizations free cybersecurity training \u2013 the first time HHS has offered such services to the health sector workforce.<\/p>\n<p dir=\"ltr\">This platform offers awareness trainings on five cybersecurity topics:<\/p>\n<ul>\n<li aria-level=\"1\" dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\">social engineering.<\/p>\n<\/li>\n<li aria-level=\"1\" dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\">ransomware.<\/p>\n<\/li>\n<li aria-level=\"1\" dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\">loss or theft of equipment or data.<\/p>\n<\/li>\n<li aria-level=\"1\" dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\">insider accidental or malicious data loss.<\/p>\n<\/li>\n<li aria-level=\"1\" dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\">attacks against network connected medical devices.<\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\">The lessons \u2013 videos, PowerPoints and more \u2013 can be accessed and launched directly from the 405(d) <a href=\"https:\/\/405d.hhs.gov\/\" target=\"_blank\" rel=\"noopener\">website<\/a>.<\/p>\n<p dir=\"ltr\">&#8220;Cyberattacks are one of the biggest threats facing our healthcare system today, and the best defense is prevention,&#8221; said HHS Deputy Secretary Andrea Palm in a statement.<\/p>\n<p dir=\"ltr\">&#8220;These trainings will serve as an asset to any sized organization looking to train staff in basic cybersecurity awareness and are offered free of charge, ensuring that those hospitals and health care organizations most vulnerable to attack can take steps toward resilience. This is part of HHS&#8217;s continued commitment to working with hospitals, Congress, and industry leaders in protecting America&#8217;s patients.&#8221;<\/p>\n<h2 dir=\"ltr\">Hospital Cyber Resiliency Landscape Analysis<\/h2>\n<p dir=\"ltr\">This new <a href=\"https:\/\/405d.hhs.gov\/Documents\/405d-hospital-resiliency-analysis.pdf\" target=\"_blank\" rel=\"noopener\">55-page survey (PDF) of the healthcare cybersecurity landscape<\/a> is meant to benchmark participating hospitals against standard cybersecurity guidelines, such as <a href=\"https:\/\/405d.hhs.gov\/information\" target=\"_blank\" rel=\"noopener\">HICP 2023<\/a> and the <a href=\"https:\/\/www.nist.gov\/cyberframework\" target=\"_blank\" rel=\"noopener\">NIST Cybersecurity Framework<\/a>.<\/p>\n<p dir=\"ltr\">The survey uses HICP 2023 as a lens through which to give an overview of how health systems are managing common cybersecurity threats, tracking data from hundreds of hospitals of various types and geographies, to spotlight existing best practices and new opportunities for improved resilience.<\/p>\n<p dir=\"ltr\">&#8220;The Hospital Cyber Resiliency Initiative Landscape Analysis greatly furthers our understanding of hospital cyber resiliency and provides us with a platform to begin working through potential policy considerations and minimum standards to better support cybersecurity in U.S. hospitals,&#8221; said Palm.\u00a0<\/p>\n<p dir=\"ltr\">She added: &#8220;We look forward to working with hospitals, Congress, and the information security community as we look to improve cyber resiliency and protect patient safety and wellbeing.&#8221; said Deputy Secretary Andrea Palm.<\/p>\n<h2 dir=\"ltr\">Health Industry Cybersecurity Practices, 2023 Edition<\/h2>\n<p dir=\"ltr\"><em>Healthcare IT News<\/em> has <a href=\"https:\/\/www.healthcareitnews.com\/news\/healthcares-new-roadmap-cybersecurity-resilience\" target=\"_blank\" rel=\"noopener\">reported<\/a> <a href=\"https:\/\/www.healthcareitnews.com\/video\/examining-health-industry-cybersecurity-practices-law\" target=\"_blank\" rel=\"noopener\">often<\/a> on HICP, touted as a <a href=\"https:\/\/www.healthcareitnews.com\/news\/security-chief-touts-value-hicp-cyber-preparedness-cookbook-recipes-readiness\" target=\"_blank\" rel=\"noopener\">cyber preparedness &#8220;cookbook&#8221;<\/a>\u00a0to help cash-strapped health systems, among other imperatives, prioritize and target their cybersecurity resources and get the most bang for their infosec investments.<\/p>\n<p dir=\"ltr\">The new <a href=\"https:\/\/405d.hhs.gov\/information\" target=\"_blank\" rel=\"noopener\">2023 Edition of HICP<\/a> has been updated by more than 150 industry and federal professionals to include the most relevant and cost-effective ways to keep patients safe and mitigate the current cybersecurity threats that the HPH sector faces.\u00a0<\/p>\n<p dir=\"ltr\">The new edition includes a deep dive on social engineering attacks, labeling them as one of the biggest threats facing the healthcare industry today.\u00a0<\/p>\n<p dir=\"ltr\">&#8220;Staying current and responsive to evolving cyber threats is critical to protecting patient safety. HICP 2023 is the updated version that our industry needs to make sure they are applying scarce resources to the highest threat,&#8221; said Erik Decker, chief information security officer of Intermountain Health and chair of the Health Sector Coordinating Council Cybersecurity Working Group, in a press statement.\u00a0<\/p>\n<p dir=\"ltr\">&#8220;This will give the most underserved hospitals the best return on investment for cyber investment,&#8221; he said.<\/p>\n<p dir=\"ltr\">At the Healthcare Cybersecurity Forum on Monday, Decker offered a bit more insight about the HICP updates, and what the Hospital Cyber Resiliency Landscape Analysis shows about the state of health information security.<\/p>\n<p dir=\"ltr\">The landscape analysis was meant to be &#8220;as objective of review as we possibly could do,&#8221; he said. And it was taken very much from an adversarial mindset: How are we getting beat as hospitals? And then we can understand how we&#8217;re getting beat.\u00a0And what does the resiliency side of this look like?<\/p>\n<p dir=\"ltr\">&#8220;We used HICP as the basis of the whole framework on how we would evaluate the resiliency itself and then found certain practices to be in urgent need of assistance and some practices to be generally OK or just needing some additional research,&#8221; he added.<\/p>\n<p dir=\"ltr\">Among many telling observations in the survey, &#8220;we saw statistically significant correlation between ownership of the program,&#8221; said Decker.<\/p>\n<p dir=\"ltr\">He explained: &#8220;If the CISO actually owns the program, you get better pickup coverage, which one would hope that that would be the case. But there&#8217;s a lot of CISOs that actually don&#8217;t own the full breadth of the cybersecurity program.&#8221;<\/p>\n<p dir=\"ltr\">Another finding that &#8220;was great to hear and see,&#8221; he said, &#8220;is that if you have good HICP coverage, [that] has a correlation to [good] NIST cybersecurity coverage. You would think that that would be the case: As you get better at HICP you&#8217;re going to get intrinsically better at the Cybersecurity Framework itself, because the framework describes this whole program.<\/p>\n<p dir=\"ltr\">&#8220;With those two things,&#8221; Decker added, &#8220;effectively, what we&#8217;re seeing then is when you put more ownership with the CISO you&#8217;re going to get better resiliency, you&#8217;re going to get better outcomes.&#8221;<\/p>\n<p><em>Mike Miliard is executive editor of Healthcare IT News<br \/>\nEmail the writer:\u00a0<a href=\"http:\/\/www.healthcareitnews.com\/mailto:mi**********@********ia.com\" data-original-string=\"3Bo+YePXzJLUoOZ19HAOuw==7f4S1W83J3U3INojWwGlNLKNquL+x3vsic2lOuqZZQcw3U=\" title=\"This contact has been encoded by Anti-Spam by CleanTalk. Click to decode. To finish the decoding make sure that JavaScript is enabled in your browser.\" target=\"_blank\" rel=\"noopener\"><span \n                data-original-string='tW1Gw2zMlB4ZWpWVDOsK0g==7f4PsZzOhHMsBirj70aC1ELuikpGXzmydIWevh9uqYl2Bk='\n                class='apbct-email-encoder'\n                title='This contact has been encoded by Anti-Spam by CleanTalk. Click to decode. To finish the decoding make sure that JavaScript is enabled in your browser.'>mi<span class=\"apbct-blur\">**********<\/span>@<span class=\"apbct-blur\">********<\/span>ia.com<\/span><\/a><\/em><br \/><em>Healthcare IT News is a HIMSS publication.<\/em><\/p>\n<\/div>\n<p><a href=\"https:\/\/www.healthcareitnews.com\/news\/hhs-cybersecurity-task-force-makes-3-key-resources-available\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Johnathon Fetzer<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CHICAGO \u2013 At the HIMSS23 Healthcare Cybersecurity Forum on Monday, a leader with the Cybersecurity and Infrastructure Security Agency cited some sobering statistics, noting an 86% increase in cyberattacks against hospitals since 2021, with healthcare reporting more such incidents than any other industry. In response to these escalating threats, the U.S. Department of Health and<\/p>\n","protected":false},"author":1,"featured_media":640726,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3460,305],"tags":[],"class_list":{"0":"post-640725","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cybersecurity","8":"category-force"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/640725","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=640725"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/640725\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/640726"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=640725"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=640725"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=640725"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}