The HSCC Control List on How to Respond to Cyber Threats

Posted by HIPAA Software on May 04, 2022
At the end of the previous month, the Health Sector Coordinating Council’s (HSCC) Cybersecurity Working Group (CWG) posted an Operational Continuity-Cyber Incident (OCCI) control list. This list consists of recommendations for healthcare organizations on responding to cyber threats and maintaining workflow continuity under severe attacks.

The Aim of the HSCC Control List

Some cyber threats in the healthcare field, such as ransomware attacks, can cause a long-lasting disconnection from the entity’s network. The HSCC control list aims to help the health industry keep its workflow processes running without interruption, even during a lengthy shutdown. The control list functions as a dynamic document, so organizations can adjust it according to the reviews and backgrounds of interested parties. The week before publishing these instructions, the Health Sector Coordinating Council (HSCC) posted recommendations on notifications regarding vulnerabilities of medical devices.

About Ransomware and Its Threat to the Healthcare Field

Cybercriminals deploy ransomware when they want to take away private information, which is in demand on the underground market. They then demand that the victim pay a ransom for the confidential data. A long-running threat of this kind can lead to severe monetary losses. When the COVID-19 pandemic broke out, the number of ransomware attacks in the healthcare field increased, and the figures continue to rise. US security agencies have therefore warned about the range of ransomware that extensively attacks critical infrastructure, which includes the healthcare sphere.

Other Determining Factors to Publishing the HSCC Control List

Another crucial factor that encouraged the Health Sector Coordinating Council’s (HSCC) Cybersecurity Working Group (CWG) to publish the control list is the Russian-Ukrainian war. Since the 24th of February, the United States of America has sanctioned Russia severely. Because of this, healthcare has become a target field for Russia-paid cybercriminals. The American Hospital Association (AHA) has suggested that organizations in the healthcare field could consequently suffer from Russian-based malicious software. This accelerated the publication of the control list.

Because of the high level of danger, medical institutions have to be ready for potential threats. They have to guarantee that they can operate in any case, even if it is impossible to regain access to vital systems at once. The HSCC control list can provide healthcare organizations with plans for responding to attacks that they can implement immediately. As a result, it will reduce the harm to and impact on clients and healthcare services.

The Content of the HSCC Control List

The guidance consists of step-by-step instructions that healthcare organizations should carry out during the first 12 hours after the attack. It also includes considerations on the duration of such security threats. The Health Sector Coordinating Council (HSCC) divided its control list into modules according to the various roles in enterprises. The modules align with the Incident Command System, but every organization can alter or improve those roles according to the size of the enterprise, its resources, and capabilities. Therefore, it applies to healthcare organizations ranging from small hospitals to health care systems.

Under the HSCC control list, it’s necessary to assign a range of specialists to keep the entire business afloat in case of disaster. The first position is the commanding officer of incidents, who must direct all steps of responding to attacks. The second is the technical-medical expert, who is obligated to advise the commanding officer of incidents on questions about the response. The last is the public information officer, who is responsible for establishing communication between internal and external interested parties, the platform’s staff, patients and their relatives, and the press. In its control list, HSCC also mentioned the range of measures that the head of the department and the security officer have to perform. Small enterprises can merge these positions to fit their institutional arrangement.

Additional Information

Top cybersecurity and executive managers in the healthcare sphere who participate in the HSCC Incident Response/Business Continuity (IRBC) Task Group provided the information to the Health Sector Coordinating Council (HSCC). On its basis, the HSCC developed its control list.

Under the Health Insurance Portability and Accountability Act (HIPAA) of 1996, covered entities must implement a plan for responding to cyber threats. However, healthcare organizations should be more than ready to respond because of the rise in the number of attacks in the medical industry. In addition, thinking through every aspect of the response plan in advance, including the determination of positions, can help enterprises carry out their usual workflow even under a lengthy shutdown.
