Hospital cyber resiliency analysis
The healthcare sector has faced escalating cybersecurity incidents, including data breaches and ransomware attacks. In addition to the vast data privacy issues and monetary losses, these incidents disrupt workflows and patient care, which can have devastating effects on health. The 405(d) program from the U.S. Department of Health and Human Services (HHS) conducted a landscape analysis to review active threats attacking hospitals and the cybersecurity capabilities of hospitals operating in the United States. This look at cyber resiliency included a deeper investigation into the methods cybercriminals are using to target hospitals and health systems to disrupt operations and extort money. To assess meaningful protective measures to these cyberthreats, the program benchmarked the analysis results to specific practices of the Health Industry Cybersecurity Practices (HICP).
The resulting Hospital Cyber Resiliency Initiative Landscape Analysis report includes:
- Threat analysis
- Assessment of capabilities and performance
- Adoption of HICP practices
Among the many government, vendor, cybersecurity and other stakeholder groups contributing data and information to this report were CHIME and its Digital Health Most Wired program.