HHS, HITRUST aim to prep health industry for cyber attacks

The U.S. Department of Health & Human Services and the Health Information Trust Alliance (HITRUST) have announced they will be conducting monthly threat briefings, starting in April, in an expansion of industry cyber threat preparedness and education efforts.

An analysis of HITRUST Common Security Framework (CSF) assessments performed over the last year indicates progress has been made across various sizes of organizations, but mostly for larger organizations with annual revenues over $6 billion.

"Government and industry cooperation and coordination are key to effectively and efficiently preparing the industry for cyber attacks," Earl Motzer, co-chair of the healthcare sector coordinating council established under the National Infrastructure Protection Plan (NIPP), said in the announcement. "Availability of this information is a positive step in the industry's cyber threat preparedness."

The briefings will be free, held online for 60 to 75 minutes and aim to provide greater actionable information on recent and ongoing cyber threats, lessons learned and support for healthcare organizations.

"Collaboration is crucial to reducing cyber threats for the entire healthcare industry, including the government," Kevin Charest, chief information security officer for HHS, said, according to the announcement. "These briefings and alerts allow us to better disseminate valuable and critical information to healthcare organizations more effectively so they can better prepare and respond to cyber threats and events."

This month, HHS and HITRUST also will conduct the first of two simulated attacks against healthcare networks--dubbed CyberRX--to test their vulnerability against hackers.

An official with the U.S. Department of Homeland Security's Office of Cybersecurity and Communications revealed at a House committee hearing last November that DHS was aware of roughly 16 reports of cybersecurity threats to HealthCare.gov from HHS.

To learn more:
- read the announcement

Related Articles:
Health industry to test cyber security resilience
Homeland Security officials aware of cybersecurity threats to HealthCare.gov
HITRUST launches service to fight cyber crime in healthcare
HITRUST moves to help healthcare fight cyber-crime
Securing health data from hackers requires a holistic approach
Chinese hackers targeting the healthcare industry
Healthcare industry is a 'cyberterrorism' target