The government wants to help boost hospital cybersecurity to fend off ransomware and cyberattacks from nation-states, according to an Axios report.
Why it matters: Hospitals and the healthcare sector have been under siege from cyber criminals for years. The combination of sensitive patient information and critical services makes the industry a prime target for ransomware payouts.
“Email and phones go down. Backup computers generally don’t work or have only about three days of data on them,” said John Riggi, American Hospital Association cybersecurity and risk adviser.
Details: The Cybersecurity and Infrastructure Security Agency recently released new mitigation guidelines. Among its recommendations:
What they’re saying: “We’re in a much different place now where [the health care industry] sees themselves as targets for a combination of both cyber terrorist, cybercriminals and nation-states,” Nitin Natarajan, deputy director of CISA, told Axios.
Yes, but: The new CISA guidance is voluntary for hospitals and healthcare organizations.
However, the idea of requiring minimum standards for hospital cybersecurity is gaining support from lawmakers.
Driving the news: Last week, New York Gov. Kathy Hochul proposed that the state become the first to require health systems to adopt certain cyber defenses, including having response plans for potential attacks.
Experts told Axios they expect to see more legislative cybersecurity mandates for hospitals.
Go deeper: Read more about CISA’s plan for healthcare organizations at axios.com.
What we’re thinking: Cyber insurance is becoming a necessity in today’s digital world.
Cyber liability insurance helps cover costs associated with data breaches and cyberattacks. Ask a trusted insurance adviser about how cyber insurance can help protect your organization.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.