As hospitals and healthcare systems struggle to thwart the increasing number of cyberattacks, the sharing of information is becoming a key tool in the fight, and the White House is taking steps to boost that.
A new proposal from President Obama's administration would allow increased sharing of information on cyberthreats from the private sector with protection from liability.
Through the proposal, the White House wants the private sector to share its cyberthreat information with the Department of Homeland Security's National Cybersecurity and Communications Integration Center. The center will then pass that data along to other federal agencies and private-sector operated Information Sharing and Analysis Organizations (ISAOs).
This move by the administration is supported by those in the healthcare industry, including the Health Information Trust Alliance (HITRUST).
"In the past, there has been some confusion on who in the private sector, companies can turn to in order to work with their government partners. With this step today, the White House has provided clarity that ISAOs are a key link that will continue to provide value to strengthen ... our nation as a whole given the growing cyberthreats the nation faces," HITRUST said in a statement.
HITRUST is working with providers to test and improve their preparedness for attacks through its CyberRX 2.0 program, which includes scenarios targeting information systems, medical devices and other healthcare technology.
Other groups also support sharing of cybersecurity information between organizations in the healthcare industry. In November, the National Institute of Standards and Technology created draft guidelines to help organizations handle those relationships.
In addition, Jeff Bell, HIMSS privacy and security committee chair, recently wrote a blog post about the importance of cyberthreat intelligence and information, which organizations can use to increase their security systems.
To learn more:
- read the White House's announcement
- here's the HITRUST statement