States Urged to Step Up Support for Cybersecurity in Healthcare Sector
As uncertainty looms over the level of cyber resources that federal agencies will continue to provide to healthcare entities and other critical infrastructure sectors under the current Trump administration, experts are suggesting that states may need to fill the gaps in support. Mike Hamilton, the field CISO of cybersecurity firm Lumifi Cyber, emphasized the need for states to increase their support as federal resources may become scarce.
“In light of the current situation, it appears that we may be on our own when it comes to federal assistance,” Hamilton stated in an interview with Information Security Media Group. “It will be up to us to address the voids left by CISA (Cybersecurity and Infrastructure Security Agency).”
The downsizing of the federal workforce in various agencies, including CISA, has raised concerns about the availability of support for cyber resource-stressed organizations like rural hospitals in the healthcare sector, Hamilton explained. During the previous administration, CISA provided critical assistance to local organizations by deploying regional cybersecurity advisers, physical security experts, and communication resources across different communities. However, it remains uncertain whether similar support will continue in the future.
“I am unsure of the future of risk and resilience assessments, as well as other services previously offered by CISA,” Hamilton noted. “States may need to step in and offer support, potentially through internship programs involving cybersecurity students who can assist rural healthcare organizations in monitoring security logs and identifying signs of compromise.”
In response to questions about its ongoing support for healthcare organizations, a CISA spokesperson assured that the agency remains committed to providing services and resources to enhance cybersecurity and resilience in the healthcare sector. The Cybersecurity Toolkit for Healthcare and Public Health on the CISA website offers various guides, best practices, free vulnerability scanning services, and contact information for regional teams to provide guidance and assistance.
In the audio interview with Information Security Media Group, Hamilton also explored additional topics, such as the potential impact of funding cuts to federal programs like Medicaid on rural healthcare providers, available low-cost cybersecurity programs for healthcare entities, and emerging regulatory issues in the healthcare cybersecurity landscape.
With over 30 years of experience in technology and management, Hamilton’s insights into cybersecurity challenges facing the healthcare sector are invaluable. His background includes roles as the co-founder and CISO of Critical Insight, former CISO for the City of Seattle, and former vice chair of the Department of Homeland Security’s State, Local, Tribal, and Territorial Government Coordinating Council.
In conclusion, as federal support for cybersecurity in the healthcare sector faces uncertainties, states may need to play a more significant role in providing assistance to ensure the resilience of critical infrastructure. By leveraging available resources and establishing collaborative initiatives, states can help bridge the gap and enhance cybersecurity measures in healthcare organizations, especially in rural areas.