The Health Sector Coordinating Council is embarking on a five-year strategic plan to help the healthcare and public health sector address future cybersecurity threats, risks and associated difficulties, says Greg Garcia, council executive director for cybersecurity.
“What does the healthcare industry look like five years from now? It’s evolving rapidly,” he says in an interview with Information Security Media Group conducted this week, during the HIMSS 2022 Healthcare Cybersecurity Forum in Boston.
“The digitization of healthcare, the distribution of home healthcare wearables, and the consolidation of the healthcare industry – these are going to be presenting new and continuing cybersecurity challenges, and we need to be prepared for that.”
In the nearer term, HSCC in the coming weeks and months will be issuing a variety of new guidance resources, he says.
That includes a white paper on the cybersecurity risks of artificial intelligence in healthcare, a guide developed with the Department of Health and Human Services for healthcare sector implementation of the National Institute of Standards and Technology cybersecurity framework, and a document for managing legacy medical device cyber risk.
“It’s all hands on deck,” Garcia says.
HSCC is a private-sector critical infrastructure advisory council to HHS. The coalition’s cybersecurity working group represents more than 300 healthcare sector organizations, including patient care delivery networks, health plans, laboratories and health IT vendors, as well as several federal and state government agencies.
In the interview (see audio link below photo), Garcia also discusses:The potential impact of economic uncertainty on healthcare cybersecurity;How consolidation – mergers and acquisitions – in the healthcare sector is contributing to cyber risk;Cybersecurity challenges in the healthcare sector for the coming year.
Garcia was also the nation’s first Department of Homeland Security assistant secretary for cybersecurity and communications under President George W. Bush. He also served as executive director of the Financial Services Sector Coordinating Council and held executive positions with Bank of America, 3Com Corp., the Information Technology Association of America and Americans for Computer Privacy.