The College of Healthcare Information Executives (CHIME) has announced it has created a new Cybersecurity Center and Program Office to assist healthcare organizations in the fight against cybercrime.
The new office will be tasked with developing and sharing cybersecurity best practices, encouraging the sharing of threat information, and will be encouraging healthcare organizations to improve collaboration with each other and federal agencies.
The new office will be staffed by CHIME employees, although assistance will be received from member volunteers. The office will also enlist help from Association for Executives in Healthcare Information Security (AEHIS) and CHIME members, who will serve as advisors to the new cybersecurity center. They will also serve as advisors to the industry as a whole and will help to keep the healthcare organizations abreast of the latest threats and the actions that can be taken to mitigate risk.
In order to develop industry best practices to improve protection against cyberattacks, the new office will reach out to federal agencies and organizations in a variety of industry sectors. Information resources will be developed that can be tapped by healthcare organizations to enable them to better protect networks and sensitive healthcare data. The new office will also be working hard to improve existing partnerships with federal agencies and other organizations to improve the sharing of intelligence data.
The cybersecurity landscape is constantly changing and new threats are emerging on a daily basis. CHIME president and CEO Russell Branzell points out that there are now many sophisticated threats to deal with and that these threats will continue to evolve. He says, “Today the focus is ransomware, tomorrow it will be something else.” The new Cybersecurity Center and Program Office will play an important role in dealing with these new threats.
In order to tackle the growing threat of cyberattacks, it is essential that organizations share their threat intelligence and improve collaboration. Branzell says “As an industry, we need to pull together and share what’s working so that we can effectively safeguard our systems and protect patients.”
David Finn, CHIME board member and member of the Department of Health and Human Services’ Health Care Industry Cybersecurity Task Force says “It is absolutely critical that we have collaboration across the industry.”
However, information sharing alone will not help organizations implement defenses to prevent cyberattacks. It is also vital that information is shared in a format that healthcare security professionals can understand. Finn says, “if data can’t be turned into useful intelligence, there is no real advantage to sharing.”
One of the roles of the new office will be to issue guidelines to healthcare organizations to show them how to share intelligence data so that it can be easily understood and used by others to improve their defenses.