HSCC Cybersecurity Working Group Q3 2023 Progress Report
To: HSCC Joint Cybersecurity Working Group
From: Erik Decker, Industry Chair
Please see attached the Third Quarter 2023 Report of the HSCC Cybersecurity Working Group.
As we head into the 4th quarter of 2023 we begin looking to 2024 on a number of fronts:
-Complete and publish in February our Health Industry Cybersecurity Five-Year Strategic Plan and get it implemented across our complex and interdependent ecosystem. Our task group work will pivot from content development to outreach and mobilization; i.e., leading the horse to water and getting it to drink – the horse being the industry and the water being the reservoir of policies and controls available to strengthen the security and resiliency of the health sector.
-Continue to strengthen HSCC collaboration on initiatives and policies with our government partners in HHS, 405(d), CISA, NIST and others. We expect to see forward-leaning cybersecurity initiatives from HHS and CISA in the coming weeks and months, so stay tuned.
-With an increase of just 85 more Cybersecurity Working Group members in 2024 we can reach 500 organizations and more than member 1000 personnel, which would be a ten-fold increase since 2017. This shows a panoply of perspectives and strength of representation. Many new members arrive on our doorstep simply because many of you serve as effective and energetic ambassadors by pointing your peers to the collaborative efforts of the HSCC. Everyone should continue to get out and recruit new organizations, especially those non-patient care operators, such as plans and payers, HIT, med tech and pharma.
As for the third quarter, our activities and accomplishments speak for themselves:
-HSCC briefings to several government advisory committees about our progress, joint publications, and partnerships, with a consistent message that with industry leadership and government support we can move the industry forward to a stronger position of security and resiliency; and
-One new and 4 updated and reprinted publications to keep the drumbeat of useful resources available to the sector.
I continue to be amazed and proud about how many of you have stepped to contribute to the improvement of the sector against our cyber adversaries, and how that hard work and collaboration are being recognized by our government partners and the broader healthcare ecosystem I am excited about more to come this year and well into next year. But as I have written before: we are never done, only better.
Erik Decker, Industry Chair
HSCC Cybersecurity Working Group