HHS Health Preparedness, Response Unit Provides Guide to Implementing NIST Cybersecurity Framework

The Administration for Strategic Preparedness and Response within the Department of Health and Human Services has released a road map for the health care sector to implement the National Institute for Standards and Technology’s Cybersecurity Framework.

ASPR developed the Cybersecurity Framework Implementation Guide in partnership with the private sector and government agencies in view of the rising cyberattacks targeting health care systems. The document offers health care institutions risk management principles and best practices they can apply to prevent cyber incidents and disruptions in their operations, ASPR said.

Enhancing the resilience of U.S. critical infrastructure, including hospitals, is included in the new White House National Cybersecurity Strategy. The strategy highlighted how U.S. adversaries use ransomware attacks, now considered a national security threat, to disrupt critical services and businesses. 

Recently, U.S. and South Korean intelligence and security officials warned that the North Korean government is supporting hackers to launch ransomware attacks on health care providers. According to a cybersecurity advisory, the ransomware activities aim to obtain funds for cyberattacks on U.S. and South Korean government agencies.