CISA's Deputy Director Stresses Need for Cyber-Safe Hardware and Software

April 8, 2024
During the annual HIMSS conference, CISA’s deputy director cautioned the audience on the state of cyber in healthcare

Deputy director for the Cybersecurity and Infrastructure Security Agency (CISA) Nitin Natarajan spoke last month on the state of cybersecurity in healthcare at the annual HIMSS conference in Orlando.

In a cybersecurity preconference, he informed the audience that the CISA represents sixteen interdependent sectors. As Natarajan explained the threat landscape, he expressed that there has been a change in the adversary and victim landscape. For adversaries, it’s easier to attack. “There are now attacks in rural areas,” he said, “the combination is precarious.”

Natarajan advised pushing the industry to create safe products. “Security should be built into devices,” he noted. He cautioned that there needs to be increased awareness concerning the hardware and software that is being bought. “The secure by design effort is a global effort.”

Natarajan explained risk as a three-legged stool: identification, mitigation, and acceptance. In a joint effort with the U.S. Department of Human Health Services (HHS), CISA is providing free resources, including toolkits and tabletop exercises, to build resilience, he said.

An audience member expressed concern about people who fear reporting incidents out of fear of retribution. “How do we make a safe space for people to report incidents?” they asked. “We are punishing people who do the best they can with the resources they have.” Natarajan answered, “we don’t want to victim shame.” It’s important to report incidents, he said, “we look to help, and to help prevent others from becoming victims.”

We want to pivot away from blaming, Natarajan said, instead we want to talk about building resilience. “How do we bounce back quicker and recover in a timelier matter.” Obtaining timely information is key, he said. “We don’t want to become a burden. We want to protect other organizations.”

Sponsored Recommendations

Improving Workplace Safety and Patient Care in Behavioral Health

In 2023, Vail Health enhanced safety in their behavioral health clinic, but the impact went beyond their expectations. Read their case study to see how prioritizing workplace ...

Transforming Hospital Capacity Through Smarter Patient Progression Strategies

Helping patients move seamlessly through every stage of their care, from admission to discharge, is critical to ensuring patient safety, improving outcomes, and optimizing capacity...

Beyond the AI Buzz: How Clinicians Can Leverage AI for Value-Based Success

Watch on-demand to explore the impact of implementing AI in primary care settings to reduce burnout and thrive in value-based care. Including practical takeaways on driving clinician...

Building the Connected Hospital: Bridging Operational Gaps Through Technology

Join industry leaders to explore how advanced technologies like RFID, AI, EMR, and ERP systems are transforming hospitals into connected ecosystems that enhance efficiency, streamline...