The U.S. Department of Health and Human Services (DHHS) and HITRUST recently conducted CyberRX, the first healthcare industry cyberattack simulation. Incident response coordination and collaboration are important, though many departments tend to keep security practices internal and not share successful techniques.
The standard national cybersecurity framework isn't effective to keep critical infrastructure protected, so healthcare providers and private sector security specialists must team up to be better prepared for threats.
"The initial exercise, although limited in number of participants, is a significant step in establishing an industry CyberRX exercise playbook and formal program; identifying areas where organizations should focus; identifying opportunities for greater collaboration and information sharing between organizations, HITRUST and government; and identifying what gaps exist and where industry needs additional support to (be) better prepared," said Kevin Charest, U.S. Department of Human Services Chief Information Security Officer.
The U.S. military, financial industry, and other select business sectors have carried out test cyber threat drills - and companies that carry out these type of exercises tend to be better prepared for a cyberattack.