Health Care Industry Exercise to Test Cyber-Defenses
The "CyberRX" exercise will aim to give health care providers, a favorite target of criminals, experience in dealing with cyber-attacks.The U.S. Department of Health and Human Services (DHHS) hopes to give the health care industry some experience in warding off cyber-attacks by staging two joint exercises this year. The war games, dubbed CyberRX, will give health care providers, health plans, hospitals, drug manufacturers and government agencies practice in detecting and responding to attacks. The DHHS and the Health Information Trust Alliance (HITRUST) will measure the performance of industry participants and the group created by HITRUST to facilitate information sharing. "Our goal for the exercises is to identify additional ways that we can help the industry be better prepared for and better able to respond to cyber attacks," Kevin Charest, chief information security officer for the DHHS, said in a statement. "This exercise will generate valuable information we can use to improve our joint preparedness." Cyber-security exercises are a common way for industries to open the lines of communication between security teams and the groups set up to act as information hubs. In addition, participants can determine if their policies and procedures fully account for common attack scenarios.
The health care industry has been slow to adjust to the reality of cyber-attacks. Information-security budgets are tight, and more than 430,000 health care groups and companies exist in the United States, according to Daniel Nutkis, CEO and co-founder of HITRUST.