Quality and Safety

The Cybersecurity and Infrastructure Security Agency announced this week that it had expanded the Joint Cyber Defense Collaborative to include several Industrial Control Systems experts. The expansion, which will include GE and Siemens along with Bechtel, Claroty, Dragos, Honeywell, Nozomi Networks, Schneider Electric, Schweitzer Engineering Laboratories and Xylem, is aimed at increasing the government's focus on cybersecurity and resilience of industrial control systems and operational technology.   "Cyber threats to the systems that control and operate the critical infrastructure we rely on every day are among our greatest challenges," said CISA Director Jen Easterly in a statement at the S4x22 conference in Miami.   "As the destruction or corruption of these control systems could cause grave harm, ensuring their security and resilience must be a collective effort that taps into the innovation, expertise, and ingenuity of the ICS community," she said. WHY IT MATTERS   The Joint Cyber Defense Collaborative, established in August 2021, aims to unify defensive actions and drive down risk in advance of cyber incidents. The public-private sector collaboration seeks to foster innovation, information sharing and fusion, all focused on the collective defense of cyberspace.   Upon its formation, JCDC's private sector alliance partners included Google Cloud, IBM, Microsoft and Oracle.   As noted by CISA, critical infrastructure organizations across all sectors – which includes public health and healthcare – depend on control systems for safe and efficient operation. Therefore, pushing forward with ICS security is one of the agency's top stated priorities.   The expansion, said CISA, will build on the JCDC platform to leverage the knowledge, visibility and capabilities of the ICS community to better defend control systems, inform U.S. government guidance on ICS and OT cybersecurity, and contribute to real-time operational private-public sector fusion. Meanwhile, CISA, in conjunction with global cybersecurity authorities, also urged critical infrastructure organizations to remain alert to Russian state-sponsored threats in an advisory released Wednesday. THE LARGER TREND   The U.S. government has stressed the importance of critical infrastructure buy-in when it comes to cybersecurity, particularly amidst escalating global threats.   In a memo this past year, President Joe Biden called for improved cybersecurity and formally established the Industrial Control System Cybersecurity Initiative. Since then, federal agencies and elected officials have warned critical infrastructure partners to stay vigilant, with Biden stressing hardened cyber defenses and CISA warning "shields up" in March of this year.  ON THE RECORD   "I’m excited to leverage our evolving JCDC platform to enable us to plan, exercise and collaborate with industry leaders to drive down risk to the systems and networks we depend on so greatly as a nation," said CISA's Easterly. Kat Jercich is senior editor of Healthcare IT News. Twitter: @kjercich Email: kjercich@himss.org Healthcare IT News is a HIMSS Media publication.

Although Hive has only been operational since June 2021, it has reportedly breached hundreds of organizations.

According to a notice published in March, an unknown party accessed the respiratory care provider's systems in July 2021, affecting the information of more than 300,000 people.

The Cybersecurity and Infrastructure Security Agency released information detailing who should report incidents and what should be included.

Rep. Matt Rosendale asked agency and vendor leadership to put in place a "true" bidirectional interface, calling it "the single greatest technical problem with the Cerner EHR."

Ascertain, funded to the tune of $100 million, will develop machine learning and predictive analytics tools to help solve "quality, equity and cost problems."

The agency is seeking stakeholder feedback on the guidance, which seeks to clearly outline its recommendations for premarket submission content when it comes to cybersecurity concerns. 

"They have already compromised healthcare organizations and have no reason to stop," said the Health Sector Cybersecurity Coordination Center about the group known as Lapsus$.

Clinicians at dozens of Defense Department, Coast Guard and Veterans Affairs sites were unable to update medical records for hours this past Wednesday.

Mount Sinai Health System’s VP of clinical innovation and chief nursing informatics officer Robert Freeman discusses how AI can help keep patients safer and support frontline teams.