Written by : Nikita Saha
October 27, 2023
The newly designed toolkit includes strategies for the health sector to mitigate risk, such as vulnerability scanning, best practices, and a framework for accessing and improving cyber resilience.
The Biden administration has released an updated cyber toolkit aimed at aiding the healthcare sector to effectively defend against cyberattacks.
This move is in response to the increasing number of cyber-attacks targeting the sector. This toolkit is a collaborative effort between the Health and Human Services Department and the Cybersecurity and Infrastructure Security Agency (CISA).
Further, the newly designed toolkit includes strategies for the health sector to mitigate risks, such as vulnerability scanning, best practices, and a framework for accessing and improving cyber resilience.
Additionally, it’s part of a broader set of tools HHS has been releasing over the last year to enhance cybersecurity practices throughout the healthcare sector in the US.
The toolkit can be found on the Cybersecurity and Infrastructure Security Agency (CISA) website. The primary objective of this new cyber toolkit is to safeguard the system of healthcare services including both basic cyber hygiene and advanced tools.
Sharing her views, Andrea Palm, deputy secretary, Department of Health and Human Services (HHS), Biden administration, said, ‘’The idea is that they're not learning all of this from scratch in this fire drill, but that they've got sort of a peer partner that they can talk to about how they've navigated through it."
This comprehensive approach aligns with the administration’s commitment to creating a cyberspace that is more resilient, equitable, and capable of defense. The Office of the National Cyber Director (ONCD) will oversee the plan's implementation, which includes delivering an annual report to both the President and Congress to update them on progress.
Currently, healthcare is a high-value target industry facing an increasing number of cyber attacks. This issue is increasingly recognised as a threat to patient safety, particularly when healthcare providers are forced to divert or shut down care.
"In cyber, it's hospitals that are on the front lines," said Nick Leiserson, director, National Cyber, White House.
This year, CISA has issued pre-ransomware notifications to approximately 65 healthcare organisations in the US. These notifications aim to prevent ransomware encryption and alert organisations to early-stage ransomware activity.
In another such significant development, the Biden administration secured a finalised agreement to safeguard access to preventive care, ensuring health insurers cover essential services without additional costs. This preventive care mandate encompasses a wide range of services including early detection of diseases such as cancer, and further ensures access to critical medications including PrEP for HIV prevention.