4 Lessons from our National Cybersecurity Plan

March 15, 2023

In the world of cybersecurity, we know that threats from around the world can make a local impact.

The cyber stakes for health care can be a little startling when you think about the big picture. We all are one malicious link away from having a digital crisis. Every day, we better understand the threats our hospitals and other public health organizations face as we transition to a more digitally focused health care system.

Just about a year ago, I noted how health care organizations should be mindful of the potential “spillover effects” from the emerging Russia-Ukraine tensions. Our hospitals play a critical role in our nation’s infrastructure, and that’s only become clearer in recent months.

This month, the White House released its national cybersecurity strategy, and it included some useful insights for emergency management leaders that put our current cybersecurity challenge into a larger perspective, including:

• COVID-19’s impact:  The pandemic has “pushed us to live even more deeply in a digital world,” with video and audio streaming, and wearable devices increasing our online footprint.
• Bad actors:  The tools for bad actors, such as spyware, are now widely available, but autocratic states have even more advanced cyber capabilities to destabilize their enemies.
• Key players:  The owners and operators of the systems that hold our data and the software providers that build these systems play a critical role to protect our information.
• Next steps:  Deep collaboration between stakeholders will improve the resiliency of our cyber systems.

In this environment, you can take action by following the same cybersecurity principles we always preach, such as:

• Maintaining offline, encrypted backups of data
• Regularly scanning your systems for vulnerability
• Patching and updating software
• Training your employees to be alert for the signs of phishing

It’s not flashy, but these policies will help bolster your organization against the cyber threats that are only growing more prevalent.

HAP’s Emergency Management team will continue to monitor the latest health care cybersecurity updates. Contact me with any questions or for additional information.

Members of the American Hospital Association (AHA) also are encouraged to avail themselves of the valuable expertise and experience of John Riggi, the AHA’s Senior Advisor for Cybersecurity and Risk.