Additional Author Aaron Futerman
On October 25, 2023, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Department of Health and Human Services (“HHS”) released a cybersecurity toolkit containing resources and information that organizations in the healthcare and public health (HPH) sector can utilize to reduce their cyber risk.
Background
HPH is one of the sectors most targeted by threat actors due to the valuable data collected by organizations within this sector, such as health records, personally identifiable information, and financial information. HPH organizations also are reputedly “cyber poor” targets, (seen as having generally poor cyber hygiene). In addition, these organizations typically operate numerous connected medical devices, some of which have hardware and software vulnerabilities that threat actors can exploit to access key systems and records. The encryption of (or loss of access to) data and medical systems places extraordinary pressure on healthcare providers, as any disruption could delay lifesaving medical care.
The pandemic accelerated the healthcare industry’s adoption of digital technology for…
