HHS’ Cyber Threat Center Comes Out of Beta Soon

Heather Kuldell | Nextgov | May 12, 2017

The Health and Human Services Department’s nascent cybersecurity center will soon reach initial operating capability to help share threat information with a sector constantly under attack and often short of cyber personnel of its own. Based on the Homeland Security Department's National Cybersecurity and Communications Integration Center, the Healthcare Cybersecurity Communications and Integration Center will share health-care specific threats information with other agencies and the private sector. The center expects to reach initial operating capability June 30, HHS officials told the CyberSecureGov audience in Washington on Thursday.

“Relatively speaking, we're the new kids on the block playing in the biggest and toughest neighborhood at the moment,” Leo Scanlon, HHS senior adviser for health care public health cybersecurity. Scanlon painted a grim picture of the challenges health care organizations face: rising ransomware attacks on organizations of all sizes, the difficulty to secure medical equipment never intended to be connected to the internet, and valuable data without cybersecurity staff to protect it.

“How many mortuaries do you think have a cybersecurity officer protecting their systems?” Scanlon asked. “Guess what's in a funeral home? The entire life history of every single person whose body is passing through medical records—cause of death, time of death, place of death. Everything you need to create an identity.” Only about 2 percent of the sector—the insurance and pharmaceutical companies—have the resources and the know how to protect their data and share information with each other...