Cybersecurity

CIO: HHS faces 500 million hack attempts per week

Shutterstock image (by wavebreakmedia): doors opening to a sky of clouds and code. 

By virtue of possessing millions of medical records, the Department of Health and Human Services is a prime and frequent target for attempted cybersecurity intrusions.

According to HHS CIO Beth Killoran's estimation, the department faces "500 million cyber hack attempts each week" and cautioned that already staggering number is only going to swell in the future.

"That's going to go up," she said at the MarkLogic Data Integration Summit June 20. "Because health data is the one thing about you that you can't change, and it's very powerful information, and the value of that data is going to go up."

"We have worked over the past five to 10 years to make sure we are gathering as much data as we possibly can," Killoran said. "At HHS, we have one in three Americans' [personally identifiable information] right now."

While the department has collected so much data and can do so very quickly, due to fixed finances and resources, "one of the current challenges we have is … we're not actually able to effectively put data together for meaningful use," she added.

Killoran said that HHS's priorities in making better use of its collected data are "to make sure we're partnering with industry" to reduce bureaucracy and to "put the tech at the fingertips of our citizens."

Specifically, the department is focusing on ways to increase patients' accessibility to and communication with their physicians by consolidating health information from disparate sources and expanding telehealth practices.

However, Killoran added that HHS must balance these priorities to innovate and increase information sharing with adequate cybersecurity protection of the massive amount of sensitive information the department houses.

"We have a responsibility to make sure that we're protecting citizens' information as they make it public and as they want to use that information to improve their health," she said.

At a June 8 Energy and Commerce Oversight and Investigations Subcommittee hearing, Steve Curren, director of HHS's Division of Resilience within the Office of Emergency Management,  attested to the dangerous implications of cyberattacks in the health care sector.  

"Since 2014, the healthcare sector has been hit with a wave of large healthcare information breaches, compromising the personal information of hundreds of millions of individuals," he testified. "These attacks shifted the threat landscape considerably, as they no longer threatened just personal information but also the ability of healthcare organizations to provide patient care."

To further aid HHS' cyber mission, a June 2017 report from the Health Care Industry Cybersecurity Task Force, comprising 21 health care experts from industry and government, laid out its "imperatives" to improve cybersecurity in the health care sector.

Among the recommendations were for HHS to appoint a single cybersecurity official to coordinate digital security efforts across federal, state and industry partners and for HHS and industry to improve their information sharing on cyber threats.

About the Author

Chase Gunter is a staff writer covering civilian agencies, workforce issues, health IT, open data and innovation.

Prior to joining FCW, Gunter reported for the C-Ville Weekly in Charlottesville, Va., and served as a college sports beat writer for the South Boston (Va.) News and Record. He started at FCW as an editorial fellow before joining the team full-time as a reporter.

Gunter is a graduate of the University of Virginia, where his emphases were English, history and media studies.

Click here for previous articles by Gunter, or connect with him on Twitter: @WChaseGunter

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.