The American Hospital Association and HITRUST said they are optimistic about the Biden Administration’s nearly 40-page national cybersecurity policy proposal in its strategies to combat destabilizing cybercrime and terrorism.
WHY IT IMPORTANT
Following repeated waves of ransomware attacks on hospitals and healthcare systems, healthcare stakeholders have made clear the sophistication of cybercriminals in their call for the federal government to coordinate action. motion.
President Joe Biden said in his National Cybersecurity Strategy report released Wednesday, the United States stands ready to face these cybersecurity challenges by working with “partners everywhere.” .
Sen. Mark Warner said by email that he was “particularly pleased” to see the Biden Administration’s priority in coordinating cyber incident reporting requirements and their “new focus on protecting sensitive health data.” feelings and safety of Americans as cyberattacks on our health care system increase.” frequent and aggressive.”
Warner previously released a document on cybersecurity policy options in November 2022, focusing on patient safety and addressing national risk status, federal leadership, Cyberattack recovery requirements and private sector incentives can improve healthcare cybersecurity.
John Riggi, AHA’s national adviser for cybersecurity and risk, said the hospital organization has been working closely with lawmakers and federal agencies to address the severity of the threat. this national security to public health and safety.
“The AHA commends the Biden Administration for this comprehensive National Cybersecurity Strategy, which acknowledges that private sector efforts are not enough to combat the serious cyber threats we face.” face as a nation,” he said in an emailed statement.
“Cyberattacks in the healthcare sector are life-threatening crimes that disrupt and delay the delivery of healthcare, and cybersecurity is a top priority. As of 2020. , the AHA has urged the federal government to adopt policies similar to those used in the war on terror – using all elements of national power to disrupt and destroy parts of the country. bad death abroad.”
In addition to declaring ransomware attacks a national security threat, the strategy aims to conduct more offensive operations against cyber threat actors and fulfill hardware security requirements, Riggi said. software for software developers.
“The AHA will continue to work with the hospital sector, Congress and the Administration and other stakeholders to promote and adopt network policies that are reasonable, effective, and workable,” said Riggi. .
Robert Booker, chief strategy officer of HITRUST, a standards development and assurance organization, called the national strategy an ambitious undertaking and the use of market forces crucial.
“As the Federal Government moves toward mission-critical infrastructure cybersecurity, we encourage approaches that encourage American companies to leverage and integrate mature security capabilities from the region.” private sector and use continuously updated and transparent assurance and measurement systems to assess and maintain security in the face of constantly changing threats,” he said in a statement. a statement addressed to Healthcare IT News.
“I am pleased to see the Biden Administration endorsing the kind of best practices I have long called for, such as building and strengthening strong partnerships with the private sector, investing in protecting our nation’s critical infrastructure, proactive in establishing a strong cybersecurity foundation, and meeting critical standards,” Warner added.
TREND TO BIGGER WOMAN
The AHA has advocated an offensive posture coordinated by the federal government, including calling for more support to help hospitals quickly get back up and running after they fell victim to cyberterrorism.
In December, Riggi said Healthcare IT News Much work remains to be done to improve government capacity to share real-time automated threat indicators.
“There’s only so much we can do to defend ourselves when enemies abroad, sheltered by hostile states, attack us,” he said during a discussion. “The other half of the equation. It’s a strong offense by the US government to go after these people.” also refers to Warner’s policy selection paper.
The Warner article proposes a substantial amount of governance, but also calls for a balanced approach with shared responsibility for both the public and private sectors.
ON PROFILE
“I’m also pleased to see the Administration’s focus return to protecting sensitive health data and the safety of Americans as cyberattacks on our healthcare system become more frequent. and more aggressive,” Warner said in its statement.
“The complexity of state and non-state actors and criminal activity that leverages the technology Americans rely on every day is a nagging problem and one that policymakers are concerned about,” Booker said by email. Business leaders and cybersecurity across U.S. industry value.”
Andrea Fox is the senior editor of Healthcare IT News.
Email: [email protected]
Healthcare IT News is a publication of HIMSS Media.
Mary Kratz will provide more details in her HIMSS23 session “Enhancing Interoperability Through Open Source Emulation Environments”. It is scheduled for Wednesday, April 19, at 4-5pm CT at the South Building in room S504.
