HHS Launches New Cybersecurity Awareness Resources


The Department of Health and Human Services issued three new online resources for health care entities to fortify their digital networks.

The Department of Health and Human Services launched three new cybersecurity resources on Monday, each focusing on raising awareness for medical institutions to better protect their digital infrastructures.

Three web pages, consisting of two websites and an online report, offer free access to cybersecurity best practices for health care organizations. Some of the resources include cybersecurity training in a public health context, overviews of major cybersecurity threats and how to combat them, as well as an analysis of U.S. hospitals’ cybersecurity preparedness. 

Health care specific guidance comes as the U.S. digital infrastructure continues to be targeted by both foreign and domestic adversaries. 

“Cyberattacks are one of the biggest threats facing our health care system today, and the best defense is prevention,” HHS Deputy Secretary Andrea Palm said of Knowledge on Demand, one of the offered websites, “These trainings will serve as an asset to any sized organization looking to train staff in basic cybersecurity awareness and are offered free of charge, ensuring that those hospitals and health care organizations most vulnerable to attack can take steps toward resilience.”

The top five digital threats health entities face include ransomware, social engineering, device theft, data loss and network attacks, according to the websites. 

Multiple federal agencies have been in the process of developing bespoke cybersecurity best practices tailored to specific sectors, including the Department of Energy and the Cybersecurity and Infrastructure Security Agency. The large, whole-of-government push to fortify cyber defenses was partially catalyzed by President Joe Biden’s recent efforts, including an executive order that mandates the strengthening of government computer networks. 

HHS officials encourage all HPH organizations to use the new cybersecurity websites. 

“Time and again, HHS and the private sector have shown they have the ability to collaborate to address urgent, complex problems,” Palm stated in the opening remarks of the report. “With the rise of cybersecurity threats it is more important than ever that we come together to adopt and implement new materials, tools, best practices and more to protect patients across the country.”