LAS VEGAS – One year into a five-year Health Industry Cybersecurity Strategic Plan, the Healthcare and Public Health Sector Coordinating Council Cyber Working Group is looking for more of the healthcare industry to get involved, said Chris Tyberg, chair of the CWG executive committee, in his keynote at the Healthcare Cybersecurity Forum at HIMSS25 here on Monday.
"We live in a world where technology changes in a matter of hours or overnight," which quickly expands security threats, Tyberg, who is also chief information security officer for Abbot, said.
The HSCC CWG previously produced 28 free resources aimed at helping healthcare organizations of all sizes to improve their cyber resilience and reduce risks to patient safety, data privacy and care operations. While people in the healthcare industry are very engaged with these resources and doing great work, the action plan is more globally driven, Tyberg explained.
"It's really about, how do we leverage that even further and really mobilize this community, get everybody engaged to take action?" he said.
"Because if we don't take action, and if we don't do things going forward, we'll be sitting here in 2030 saying that we're not any better than we were today."
Tyberg highlighted four key pillars of HSCC coalescing around the concept that cyber safety is patient safety.
The first, the concept of access in healthcare, is also true for its cybersecurity.
"People should have access to healthcare. No matter where they live, no matter who they are, no matter their socioeconomic status, they deserve access to healthcare," he said.
"We have to make sure that everybody gets access to the resources that they need to secure their organizations."
After Tyberg asked for a show of hands, it was clear that of the 400 attendees at the cybersecurity forum, there were no small-to-medium-sized healthcare provider organizations (less than 100 beds) in the room.
"We need to figure out a way to get to those organizations," he said.
In that vein, the CWG has made more all-hands meetings available in more cities across the country to increase participation, and there are more than a dozen scheduled this year.
The second pillar is the healthcare cybersecurity workforce, said Tyberg, who announced the new HSCC Academic Partnership.
HSCC is looking for sponsors for various student and institutional engagement programs to launch the next generation of cyber defenders. The new program being planned would engage with various types of academic institutions to get technology students and graduates to choose the healthcare sector for their future employment.
"Two-year programs is actually an area that's been very much overlooked as a source of great talent," he said.
"I know at Abbott, we've partnered with a couple of two-year programs, and we've got some amazing talent that has come out of those schools that are helping in our organization," he said.
The third pillar, community, is about working toward mutual aid. A concept borrowed from other critical industries – like public safety and electricity generation – mutual aid aligns with objective 12 of the CWG's five-year strategic plan.
"They could put out the call, 'We need help,' and other organizations could answer that call," Tyberg said.
However, while it's an amazing idea, there are obvious challenges, he noted.
"Even though there are those challenges out there that we need to work through, it's still something that we should pursue," he said, noting that the concept of mutual aid could be a huge benefit to the workforce.
"It's an opportunity for us to train and develop new skills in the workforce."
The fourth pillar Tyberg discussed is innovation.
Investments in innovative cybersecurity technologies could be key to extending cybersecurity protection to small-to-mid-size healthcare organizations that will never have the staff and resources to address the level of today's threats.
"New technologies, innovation might be part of the answer to helping them be able to respond, helping them be able to scale," he said.
"We want to invest in this and continue to explore how we can leverage innovation to help us be better prepared as a sector."
Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org
Healthcare IT News is a HIMSS Media publication.