Hospital cyber resiliency analysis

HHS 405(d) Program's Hospital Cyber Resiliency Initiative report is based on a landscape analysis of current threats and protective measures.

By admin

Apr 21, 2023, 4:09 PM

The healthcare sector has faced escalating cybersecurity incidents, including data breaches and ransomware attacks. In addition to the vast data privacy issues and monetary losses, these incidents disrupt workflows and patient care, which can have devastating effects on health. The 405(d) program from the U.S. Department of Health and Human Services (HHS) conducted a landscape analysis to review active threats attacking hospitals and the cybersecurity capabilities of hospitals operating in the United States. This look at cyber resiliency included a deeper investigation into the methods cybercriminals are using to target hospitals and health systems to disrupt operations and extort money. To assess meaningful protective measures to these cyberthreats, the program benchmarked the analysis results to specific practices of the Health Industry Cybersecurity Practices (HICP).

The resulting Hospital Cyber Resiliency Initiative Landscape Analysis report includes:

Threat analysis
Assessment of capabilities and performance
Adoption of HICP practices

Among the many government, vendor, cybersecurity and other stakeholder groups contributing data and information to this report were CHIME and its Digital Health Most Wired program.

In addition to accessing this HHS report (click here), check out the recent Digital Health Most Wired cybersecurity trend report, Code Red: HCOs and Cybersecurity Preparedness.