ARPA-H to Improve Health Care Sector Cyber Resiliency Through New Program

The Department of Health and Human Services’ Advanced Research Projects Agency for Health has introduced the Universal PatchinG and Remediation for Autonomous DEfense program to help hospitals and health care systems identify vulnerabilities.

HHS Deputy Secretary Andrea Palm said that the UPGRADE program will help protect U.S. health care facilities from bad actors and is part of the agency’s commitment to improving the sector’s cyber resiliency.

According to ARPA-H, the program will focus on four technical areas: creating the vulnerability mitigation software platform, developing “high-fidelity” digital twins of hospitals, automatically detecting cyber vulnerabilities and auto-developing custom cyber defenses, Federal News Network reported.

UPGRADE Program Manager Andrew Carney said the program will help information technology teams in hospitals and other health care facilities manage the complexities of the health IT environment.

The program comes after Change Healthcare was targeted by the ALPHV/Blackcat ransomware gang in early 2024. The cyberattack disrupted health care systems across the country after hackers took advantage of the poor multifactor authentication employed by the payment processor.