Learn how to protect your organization from the top cybersecurity threats facing the health care and public health sector.
Three new resources can help improve cybersecurity in the health care and public health sector, thanks to a collaboration between the federal government and industry. Free cybersecurity trainings and information are now available through the U.S. Department of Health and Human Services (HHS) 405(d) Program. New resources also include a review of hospitals’ cybersecurity preparedness and recommendations for addressing cyberthreats.
Ultimately, these resources help support patient safety. HHS encourages all sector leaders to use the new resources to assess their organizations’ cybersecurity programs, says anHHS statement.
Knowledge on Demand: For the first time, HHS is offering free cybersecurity trainings to the health sector workforce. Five cybersecurity trainings for health care and security staff address social engineering, ransomware, loss or theft of equipment, insider, accidental, or intentional data loss, and attacks against network connected medical devices.
These threats are the top ones named in the 2023 edition of Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP), which is also available on the platform.
Over 150 industry and federal professionals have updated HICP 2023. Social engineering attacks, which trick someone into revealing information to attack systems or networks, is featured as one of the top five threats facing the sector.
This deep investigative study presents the methods that cyber adversaries are using to compromise hospitals, disrupt operations, and extort for financial gain. The report analyzes data from hundreds of hospitals, representing a diverse mix of hospital types and geographies. The Landscape Analysis correlates with HICP practices and outlines the most meaningful ways hospitals can guard against these specific threats.