On November 1, 2023, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Department of Health and Human Services (“HHS”) co-hosted a roundtable discussion on the cybersecurity challenges that the US healthcare and public health (“HPH”) sector faces, and how government and industry can work together to close the gaps in resources and cyber capabilities. Ahead of the roundtable, CISA and HHS released a cybersecurity tool kit that includes resources tailored for the healthcare and public health sector.
According to CISA Deputy Director Nitin Natarajan, “adversaries see healthcare and public health organizations as high value yet relatively easy targets – or what [CISA calls] target rich, cyber poor. Given that healthcare organizations have a combination of personally identifiable information, financial information, health records, and countless medical devices, they are essentially a one-stop shop for [bad actors].”
According to HHS Deputy Secretary Andrea Palm, “[HHS has] seen a significant rise in the number and severity of cyber attacks against hospitals and health systems in the last few years. These attacks expose vulnerabilities in…
