Cybersecurity

Warner pushes health care sector on cyber

open lock (Alexander Softog/Shutterstock.com) 

Sen. Mark Warner (D-Va.) wants to partner with the health care industry to develop a strategy for dealing with an unprecedented wave of cyberattacks over the past year.

In letters sent Feb. 21 to a dozen health care organizations and associations, Warner notes that the health care sector is a "lucrative" target for ransomware attacks and data theft, problems that will only get worse as hospitals, clinics and other health care organizations continue to digitize medical records and implement new technology.

The increased reliance on technology has "left the health care industry more vulnerable to attack, as the industry has embraced innovation that imbues ever-more products, processes and services with internet connectivity and software-based functionality -- with security and resiliency often an afterthought," wrote Warner.

Cybersecurity experts consistently flag the health care industry as one of the sectors most vulnerable to malicious cyberattack. The industry experienced dozens of large, high-profile hacks, breaches and data exposures in 2018, and last year, cybersecurity company Fortinet said internal data showed the industry experienced twice as many cyber incidents on average compared to other industrial sectors.

In January, the Department of Health and Human Services released new cybersecurity guidance to health care organizations warning that the lack of security standards, increased reliance on connected devices and a push towards digitized records are all contributing factors to a larger attack surface for phishing, ransomware, data theft, insider threats and other targeted attacks against the industry.

Warner said he wants to work with the organizations to develop "a short and long range" strategy for mitigating cybersecurity vulnerabilities in the health care sector. He asked each organization for insight into what protections they currently have in place, whether they can inventory all their connected systems and track if they've installed the latest security patches, what challenges they face recruiting cyber employees and suggestions about laws or regulations for Congress to consider.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.