Building a 911 Cyber Civil Defense System for Healthcare
Intermountain Health CISO Erik Decker on Where Cyber Incident Response Needs to Go
The healthcare sector needs a 911-style cyber civil defense system that can help all segments of the industry, including under-resourced groups, to more rapidly and effectively respond to cyberattacks and related incidents, said Erik Decker, CISO of Intermountain Health and federal cyber adviser.
"Think of it like mutual aid. Fire departments, especially in rural areas ... don't have enough firefighters in one particular area to deal with a catastrophic issue. So, they have mutual aid agreements with other fire departments who come in to help … in a five-alarm fire," Decker said in an interview with Information Security Media Group conducted at HIMSS24 in Orlando.
"A 911 for cyber civil defense is like that. How can Intermountain Health help? Can we drop-ship in cyber people or clinical people in order to deal with the response to other folks?" he said. "How can the federal government enable responses like this?"
"We know that some of the most critical services affected in the middle of a hospital ransomware attack are medical imaging or lab services. Even before the electronic medical records systems need to come back on line, those services need to be online. There already is the ability to drop-ship medical imaging systems into areas. Why can't we stand up a cloud-based EMR that's on the side and ready to turn on in the case of one of these very disruptive events to help the entity weather through this?" Decker said.
The 911 cyber civil defense system is a proposal recently included in the updated five-year strategic cyber plan of the Health Sector Coordinating Council's cybersecurity working group, which collaborates with the U.S. Department of Health and Human Services.
"Are we going to get there?" he said. "Boy, we're going to push hard on this."
In this audio interview with Information Security Media Group at HIMSS, Decker also discussed:
- Other details about HSCC's recently updated five-year strategic plan for improving the healthcare sector's current cybersecurity condition from "critical" to "stable" by 2029;
- HHS' recently issued cybersecurity performance goals and how they compare and contrast with the HIPAA Security Rule and the HSCC's Health Industry Cybersecurity Practices, or HICP;
- The most promising - and most concerning - issues involving AI and cybersecurity in healthcare.
Decker currently co-leads an HHS task group of more than 250 industry and government experts across the country for implementing the Cybersecurity Act of 2015 and its 405D legislation within the healthcare sector. He previously served as CISO and chief privacy officer at the University of Chicago Medicine. Decker is a member of the CyberEdBoard.