Three new resources can help improve cybersecurity in the health care and public health sector, thanks to a collaboration between the federal government and industry. Free cybersecurity trainings and information are now available through the U.S. Department of Health and Human Services (HHS) 405(d) Program. New resources also include a review of hospitals’ cybersecurity preparedness and recommendations for addressing cyberthreats.

Ultimately, these resources help support patient safety. HHS encourages all sector leaders to use the new resources to assess their organizations’ cybersecurity programs, says an HHS statement.

New Resources

Knowledge on Demand: For the first time, HHS is offering free cybersecurity trainings to the health sector workforce. Five cybersecurity trainings for health care and security staff address social engineering, ransomware, loss or theft of equipment, insider, accidental, or intentional data loss, and attacks against network connected medical devices.

 These threats are the top ones named in the 2023 edition of Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP), which is also available on the platform.  

Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP 2023 Edition): This resource shares the most relevant and cost-effective ways to mitigate the sector’s top cybersecurity threats.

 Over 150 industry and federal professionals have updated HICP 2023. Social engineering attacks, which trick someone into revealing information to attack systems or networks, is featured as one of the top five threats facing the sector.

Hospital Cyber Resiliency Initiative Landscape Analysis: The Landscape Analysis shares active threats attacking United States hospitals, as well as ways hospitals can improve their cybersecurity capabilities.

 This deep investigative study presents the methods that cyber adversaries are using to compromise hospitals, disrupt operations, and extort for financial gain. The report analyzes data from hundreds of hospitals, representing a diverse mix of hospital types and geographies. The Landscape Analysis correlates with HICP practices and outlines the most meaningful ways hospitals can guard against these specific threats.

 LeadingAge CAST Cybersecurity Resources

 For more information on how to protect your organization, use the LeadingAge CAST Cybersecurity Resources. You will learn how to recognize threats, mitigate risk, and respond to an attack. The resource includes a white paper, case studies, and a benchmarking questionnaire.

 If you are using voice technology, please check out “Opportunities, and Risks, with New Smart Voice Technology in Senior Living.” For information on how a life plan community managed HIPAA compliance and cybersecurity mitigation, see the CAST case study, “Managing HIPAA Compliance and Cyber Security Through Partnership” or review the summary.