New Resources and Offers for AHA Members to Bolster Cybersecurity Efforts

The AHA has long been committed to helping hospitals and health systems defend against and deflect cyberattacks. As the cybersecurity landscape continues to evolve, we are working closely with the White House, federal agencies, the hospital field and solution providers to build trusted relationships and channels for the exchange of cyberthreat information, as well as resources to support the implementation of risk mitigation practices.

The Department of Health and Human Services has created a set of voluntary Cybersecurity Performance Goals (CPG) in cooperation with the Healthcare and Public Health (HPH) sector to encourage the implementation of high-impact cybersecurity practices to help organizations better prepare for and mitigate cyberthreats. The CPGs are designed to defend against the most common tactics used by cyber adversaries to attack health care and related third parties, such as exploitation of known technical vulnerabilities, phishing emails and stolen credentials. The AHA recommends that these CPGs be voluntarily implemented by all components of the health care sector, including third-party technology partners and business associates.

Cybersecurity Resources and New Offerings

The AHA provides cybersecurity support to individual hospitals and health systems and continues to share information and guidance with the field on the latest cyberthreats. AHA’s National Advisor for Cybersecurity and Risk John Riggi, a former FBI executive with decades of experience on the front lines of cyber issues, leads these efforts.

The AHA also collaborates with multiple parties across the public and private sectors to support member hospitals and health systems with cybersecurity risk mitigation. AHA’s Preferred Cybersecurity Provider program includes vetted, highly reputable and accomplished cybersecurity providers that have developed dedicated resources and special offerings for AHA members to help address cybersecurity and risk mitigation challenges. Please visit the Support for Your Cybersecurity Program webpage to view specific information and new offerings from AHA partners, including Microsoft, Google, AON, Censinet, Critical Insight, and Cylera.

“Foreign-based cyberattacks against hospitals and their disruptive effects on patient care continue to increase at an alarming rate,” Riggi said. “As we engage with government leaders on this national security threat, it has become clear that hospitals have prioritized cybersecurity for the defense of the patients and communities they serve, but some may lack sufficient resources to fully implement the necessary cybersecurity defenses. In search of creative solutions to help fill the cybersecurity resource gap, we turned to the private sector for assistance. We rang the bell, and these firms answered the call.”

Further Questions

If you have further questions, please contact Riggi at jriggi@aha.org. For the latest cyberthreat intelligence and resources, visit www.aha.org/cybersecurity.