Administration officials discuss cybersecurity threats affecting hospitals, health care sector

Apr 15, 2024 - 04:06 PM
The cybersecurity panel at the AHA 2024 annual meeting

Two Administration officials April 14 discussed how the federal government is working with hospitals and other parts of the health care sector to defend against cyber threats and mitigate cyberattacks.  

Anne Neuberger, deputy assistant to the president and deputy national security advisor for cyber and emerging technology on the National Security Council, spoke about how the Department of Health and Human Services, Cybersecurity and Infrastructure Security Agency, and other federal agencies are working to share timely information related to cyber threats with health care providers.

In a conversation with AHA National Advisor for Cybersecurity and Risk John Riggi, Neuberger spoke about voluntary consensus-based cybersecurity practices that were announced in January by HHS as part of the Administration’s efforts to bolster cybersecurity. These cybersecurity performance goals, which the AHA helped develop and supports, are targeted at defending against the most common tactics used by cyber adversaries to attack health care and related third parties.  

The AHA opposes insufficiently funded proposals for mandatory cybersecurity requirements that carry excessively harsh penalties being levied on hospitals. Instead, AHA is urging Congress and the Administration to focus on the entire health care sector and not just hospitals to make meaningful progress in the war on cybercrime.  

In a separate panel discussion, CISA Deputy Director Nitin Natarajan talked about how the cyber threat landscape continues to evolve and how all parts of the health care sector are facing increased threats.  

The panel also included J. Stephen Jones, M.D., president and CEO of Inova Health System, and Brian Gragnolati, president and CEO of Atlantic Health System, who shared strategies that their organizations are implementing to strengthen cybersecurity efforts and protect patient safety. 

Related News Articles

Headline
Report: Delayed or missing payments increased for hospitals in first quarter
Hospitals and health systems nationwide saw a sizable increase in delayed or missing payments in first quarter 2024, according to a report released May 10 by…
Headline
Agencies warn of accelerating attacks on health care by Black Basta ransomware group
The Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, Department of Health and Human Services, and Multi-State Information…
Headline
DOJ charges Russian national with developing, operating LockBit ransomware
The Department of Justice May 7 announced more than two dozen criminal charges against Dimitry Yuryevich Khoroshev, 31, of Voronezh, Russia, for his alleged…
Headline
AHA, other hospital groups urge UHG to formalize breach notification plans following Change Healthcare cyberattack 
The AHA and other national hospital groups May 8 sent a letter to UnitedHealth Group, urging the organization to formally accept responsibility for issuing…
Headline
CISA extends comment period for proposed rule on cyber incident reporting
The Cybersecurity and Infrastructure Security Agency May 3 extended the comment period to July 3 for the April 4 proposed rule that would implement cyber…
Headline
White House releases critical infrastructure memo empowering CISA to strengthen health care security 
The Biden Administration April 30 released a memo announcing updated critical infrastructure protection requirements, which include the Cybersecurity &…