Are you aware that cyber adversaries target the health care sector the most of all critical infrastructure sectors? Hospitals and health systems in particular have frequently been the target of high-impact ransomware attacks, which disrupt patient care and risk patient safety. 

Yet, due to a number of economic factors, including the response to COVID-19, hospitals may have constraints on the amount of financial resources available to devote to cybersecurity. Hospitals and health systems have also seen a dramatic increase in cyber vulnerabilities and attacks during this time, exacerbated by the necessity to greatly expand remote and internal networks and connected devices in response to COVID-19, resulting in a vast and complex attack surface. Hospitals also have the highest cyberattack recovery costs when compared to other sectors. Similar to cross-industry peers, hospitals and health systems are increasingly ranking cyber risk as a top enterprise risk priority, all while their confidence in cyber resiliency may be decreasing. 

Adding to the importance of this issue is the fact that, unlike other sectors, cyberattacks on health care providers have a direct impact not just on data, but on people — the patients we care for and the communities we serve. In this imminent cyber threat environment, while the nation’s hospitals are on the front line in the battle against COVID-19, the AHA recognizes their urgent need to defend their organizations and the patients and communities they care for.

AHA Preferred Cybersecurity Provider Program: Meeting an Urgent Cybersecurity Need
Feedback from AHA members indicates you would like access to trusted information to help guide your selection of cybersecurity solution providers that address your specific challenges.

Our cyber adversaries are agnostic and collaborative in their approach — they assist each other to develop and launch malware and ransomware attacks against health care. That’s why the health care field, the AHA and the commercial cybersecurity community need to take the same collaborative approach when it comes to cyber defense and combine our collective resources. In this “whole of nation” approach we can assist the entire field by providing resources and guidance to help individual members — one team, one fight. 

To meet AHA members’ urgent need for the best cybersecurity possible, the AHA Cybersecurity and Risk Advisory team has developed the AHA Preferred Cybersecurity Provider (APCP) Program to aid you in your selection of a commercial cybersecurity solution provider.

Benefits of the AHA Preferred Cybersecurity Provider Program 
Using a strict due diligence process, AHA has curated an exclusive panel of a limited number of highly reputable, qualified and accomplished cybersecurity service providers for your consideration. These Preferred Cybersecurity Providers offer AHA member organizations exceptional value in terms of quality and pricing, with special discounts for AHA members only. To ensure continued quality, we will:

•    Follow up with member participants with a satisfaction survey so we can evaluate the provider’s performance and continued participation in the program. 
•    Provide feedback to our commercial partners for continued quality control and enhancement of their services for members.

Learn more about the program, the services offered by the APCPs and how you can get started.

John Riggi is the AHA senior advisor for cybersecurity and risk. 
 

Related News Articles

Headline
The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology March 27 released for comment through May 28…
Headline
In this first of a two-part conversation with experts from Providence, Adam Zoller, chief information security officer, and Katie Adams, cybersecurity director…
Headline
The Department of Health and Human Services’ Administration for Strategic Preparedness and Response and Centers for Medicare & Medicaid Services this week…
Headline
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency March 27 released a proposed rule implementing cyber incident and ransom…
Headline
U.S. and international cybersecurity authorities this week released additional guidance to help health care and other critical infrastructure leaders defend…
Headline
Congress should address any statutory constraints that prevent the Centers for Medicare & Medicaid Services and Department of Health and Human Services…