The Australian government’s recent allocation of a $6.4 million grant to the Critical Infrastructure – Information Sharing and Analysis Centre (CI-ISAC) Australia for the creation of a new cyber threat information-sharing network specifically designed for the healthcare sector has been met with positive reactions. This decision comes amid a concerning trend of escalating cyberattacks on healthcare organizations in Australia, including hospitals, health funds, and clinics.
The healthcare industry in Australia has been increasingly vulnerable to cybersecurity threats, with recent data breaches compromising sensitive medical and financial information, jeopardizing the security and privacy of millions of Australians. In fact, the healthcare sector has consistently reported the most costly data breaches globally over the past 13 years, with breach costs averaging AUD $10.93 million in 2023—almost double that of the financial industry.
With a landscape consisting of over 750 government hospitals, 650 private hospitals, and around 6,500 general practitioner clinics, the healthcare sector in Australia is expansive and interconnected. It heavily relies on various third-party vendors and suppliers, further heightening its susceptibility to cyber threats.
The newly established Health Cyber Sharing Network (HCSN) by CI-ISAC aims to enhance collaboration within the healthcare sector by facilitating swift and secure sharing of cyber threat intelligence. The primary objective is to dismantle information silos and create a more robust cybersecurity environment within the healthcare industry. CEO of CI-ISAC Australia, David Sandell, stressed the significance of this initiative, highlighting the sector’s vast amount of sensitive information and the potential repercussions of cyberattacks on crucial health services.
Lt. Gen. Michelle McGuinness CSC, the National Cyber Security Coordinator, also echoed the importance of this initiative in enhancing Australia’s cybersecurity preparedness, especially in light of the significant impact that healthcare-related cyberattacks can have on the population.
By joining the HCSN, healthcare organizations will gain access to valuable threat intelligence distributed by CI-ISAC’s diverse membership base across critical infrastructure sectors such as energy, telecommunications, and finance. This cross-sector intelligence sharing will empower the healthcare industry to better identify and mitigate emerging threats effectively.
To encourage participation, CI-ISAC is offering complimentary 12-month memberships to eligible health and medical organizations and their suppliers, providing access to cyber threat intelligence reports, industry insights, training programs, and a trusted information-sharing network.
While the initiative has garnered widespread support, some industry experts have voiced skepticism, emphasizing the importance of robust cybersecurity measures and compliance with international standards like HIPAA to ensure its effectiveness.
Overall, the launch of the Health Cyber Sharing Network signifies a crucial step towards bolstering the cybersecurity resilience of the healthcare sector in Australia. As participation in the network expands, collaboration among stakeholders will be key to its success, potentially setting a benchmark for similar initiatives across various sectors and solidifying Australia’s cybersecurity leadership aspirations by 2030.