Last year, cyberattacks compromised the health records of 45 million American patients. critical insight. This number has tripled in just three years, up from 14 million patients in 2018.Just last week, FBI Director Christopher Wray disclose The agency helped Boston Children’s thwart an attempted Iranian cyberattack in 2021, which he described as “one of the most vile cyberattacks I’ve ever seen.”
The federal government has established various departments and initiatives to promote cybersecurity among healthcare organizations as well as businesses in other sectors. But experts say these efforts require more cross-agency collaboration to be effective.Here’s why lawmakers and cybersecurity experts are uniting The recently promulgated Law on Strengthening Cybersecurity of Medical Devicesa bipartisan bill aimed at ensuring that the Food and Drug Administration works with other federal agencies to issue informed guidance on the cybersecurity of medical devices.
Although medical devices are often targeted by hackers, the FDA has not issued cybersecurity guidance since 2018. legislation introduced Presented by Sens. Jacky Rosen, D-Nev. and Todd Young, R-Ind., the FDA will be required to review and update medical device cybersecurity guidance and provide recommendations for protecting devices from cyberthreats. Currently, there is no requirement for how often FDA needs to issue guidelines.
The bill seeks to ensure that federal cybersecurity guidance for medical devices is consistent with the current rapidly evolving healthcare cyberthreat landscape. It also requires the FDA, in collaboration with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, to issue binding medical device cybersecurity guidance at least every two years.
If the bill passes, the FDA will have to regularly publicly update medical devices on cybersecurity vulnerabilities and how to get support.The bill will also requireThe Government Accountability Office will release a comprehensive report on cybersecurity vulnerabilities in medical devices and how the federal government can improve its interagency cooperation to address these challenges.
In March, Senator Rosen introduced A separate bipartisan bill with Sen. Bill Cassidy (R-La.) seeks to strengthen HHS’s cooperation with CISA to counter Russian cyber threats. The legislation aims to foster a closer working relationship between the two entities so they can provide more informed guidance on how healthcare assets could be targeted by cybercriminals.
The government has historically taken a “fragmented approach” to cybersecurity, Lisa Plaggemier, executive director of the National Cyber Security Alliance, said in an emailed statement. This fragmentation covers the tools used by different departments, how cyber-attack prevention measures are implemented, and what and when cybersecurity developments are reported, she said.
“Given how rapidly the cybersecurity landscape is evolving, it is becoming increasingly clear that if governments cannot effectively collaborate and coordinate a streamlined response, it will be nearly impossible to build the cybersecurity infrastructure we need,” she said.
Cyber threats have been evolving rapidly, and rising geopolitical tensions mean that cybersecurity defenses must be able to pivot more quickly. Plaggemier noted that cybercriminals are willing to disrupt virtually any space, so the federal government must prioritize open lines of communication to provide an effective cyber defense strategy, as a vulnerability in one area could affect a seemingly unrelated area.
Photo: anyaberkut, Getty Images
