HHS is aggressively working with industry to introduce organizational cybersecurity resiliency to the Health Care Industry and move organizations away from self-regulating, checkbox-driven security standards which provide little more than security theatre. The Healthcare Cybersecurity and Communications Integration Center (HCCIC), HHS’s new cybersecurity intelligence-sharing clearing-house, is a major step toward this goal and acts as a sector-specific cybersecurity coordination hub between the HPH sector and the NCCIC.
In this analysis, entitled “HHS’ HCCIC Takes a Quantum Leap Forward to Secure the Health Sector: A Fortunate Solution to the Rampant Risk of Minimalistic, Self-Governing Bureaucracy,” ICIT examines why HHS is uniquely suited to help DHS improve the cybersecurity of the healthcare and public health sector and the crucial role of the HCCIC. Specifically, the paper discusses:
- Why the private sector cannot oversee itself
- The risk posed to health sector resiliency and consumer privacy by insider threats, poorly secured web portals, improper data handling, and under-regulated medical data mining
- The foundation of the HCCIC
- How the HCCIC augments the NCCIC
- How the HCCIC will collaborate with ISAOs and ISACs
- The role of the HCCIC in improving small and medium-business’ access to threat data
This paper was written by James Scott, Sr. Fellow, ICIT.
Individuals interested in learning more about this topic are invited to join ICIT at its upcoming “Cybersecurity Intelligence Briefing” September 26, 2017 in Washington D.C. to receive a briefing on the HCCIC.
Download this paper here: https://icitech.org/wp-content/uploads/2017/08/ICIT-Analysis-The-HHS-HCCIC.pdf