HHS looks to improve cybersecurity coordination

The Department of Health and Human Services is expanding its real-time threat intelligence operations and improving information sharing with key federal agencies as part of an effort to enhance its preventative cybersecurity capabilities, according to the agency's top tech official. 

Karl Mathias, chief information officer for HHS, said on Thursday at the Billington Cybersecurity Summit in Washington, D.C. that the agency has utilized its cybersecurity coordination center in recent years to help enable information sharing with federal agencies, scientific research institutions, medical device manufacturers and more. 

“We cannot be scared of sharing the data we have,” Mathias said. “We can’t let fear of the security issue prevent us from solving the problem.” 

HHS' Health Sector Cybersecurity Coordination Center, otherwise known as HC3, was launched in 2018 to improve cybersecurity coordination efforts across the healthcare sector, after Congress urged the agency to improve its collaboration and partnership initiatives.

A Government Accountability Office report published in 2021 said the agency had taken steps to define certain cybersecurity roles and responsibilities within the agency, but could further improve collaborative efforts with partners in the healthcare and public health sectors. Another GAO report published a year later said the agency needed to enhance its breach reporting process and establish feedback mechanisms for affected entities. 

Matthias, who HHS tapped to serve as its CIO in March last year, said the agency now conducts its cybersecurity processes under a single motto: “Share as much as you can, recognize when you should and apply the cybersecurity principles to that data.”

“We recognize at HHS that this data can be used for great purposes,” he added. 

HHS is also increasingly working with the Cybersecurity and Infrastructure Security Agency and the Departments of Defense and Veterans Affairs to ramp up mitigation efforts around ransomware attacks targeting federal entities. 

Matthias described HHS' 405(d) program as the most important resource the agency has to coordinate cross-government and sector collaboration efforts towards mitigating cyber vulnerabilities. The program, launched as a congressional mandate under the Cybersecurity Act of 2015, includes a task group that features more than 200 cybersecurity and healthcare experts to help coordinate response efforts and develop recommendations for best practices.

Recent reports indicate the healthcare sector is increasingly facing an onslaught of cyberattacks, with healthcare data breaches consistently trending upward since 2012 and doubling over the last three years, according to HHS.