Tech & Innovation in Healthcare

Cybersecurity Corner:

Learn the 5 Pillars of the National Cybersecurity Strategy Implementation Plan

On July 13, 2023, the White House published its National Cybersecurity Strategy Implementation Plan (NCSIP). The plan aims to combine public- and private-sector resources to help fight cybercrime and protect U.S. infrastructure.

Examine the NCSIP and learn how this plan could affect healthcare operations.

Get to Know the NCSIP

The NCSIP contains over 65 federal initiatives, all of which are assigned to government agencies and have timelines for completion.

According to President Joseph Biden and Vice President Kamala Harris, the NCSIP calls for two essential changes in the way the U.S. delegates responsibilities, roles, and resources online. These shifts include:

1. Making sure the entities that are the most capable and best positioned in the public and private sectors bear more of the weight of mitigating cyber risks; and

2. Encouraging long-term investments in cybersecurity by increasing incentives to get involved.

“The administration will continue to refine Implementation Plan initiatives based on stakeholder feedback and assessments of their effectiveness,” according to the NCSIP.

How will the plan affect healthcare? “The NCSIP will help healthcare organizations better understand and reduce cybersecurity risks, foster the creation of reliable technological products, while simultaneously supporting the development of a healthy national critical infrastructure,” says Funso Richard, CISA, CISM, CDPSE, CCSFP, information security officer for Ensemble Health Partners in Cincinnati, Ohio.

Examine Where the NCSIP Can Help Healthcare

The NCSIP consists of five pillars, which contain a total of 27 strategic objectives geared toward fighting cybercrime and helping build a “skilled cyber workforce equipped to excel in our increasingly digital economy,” according to a White House fact sheet.

The pillars of the NCSIP are:

  • Pillar One: Defending Critical Infrastructure
  • Pillar Two: Disrupting and Dismantling Threat Actors
  • Pillar Three: Shaping Market Forces and Driving Security and Resilience
  • Pillar Four: Investing in a Resilient Future
  • Pillar Five: Forging International Partnerships to Pursue Shared Goals

With these pillars in mind, examine a few areas of the NCSIP where healthcare would be affected by the administration’s initiatives.

Establish an incident response plan: Under the first pillar is initiative 1.4.1, “Update the National Cyber Incident Response Plan (NCIRP),” which will be led by the Cybersecurity & Infrastructure Security Agency (CISA).

This commitment to updating the NCIRP will have a significant impact on healthcare organizations, which continue to be high-value targets for malicious threat actors. By being proactive and moving quickly to shield themselves from cyberattacks, these organizations can help ensure the health and safety of their patients and communities.

“The NCIRP can also assist healthcare organizations in reducing organizational downtime by providing a list of actions and procedures for each step of their incident response plan. This can help healthcare organizations better coordinate their response to cyber incidents and improve their overall incident response and recovery protocols,” Richard says.

Fight ransomware: Strategic Objective 2.5, “Counter Cybercrime, Defeat Ransomware,” establishes five initiatives geared toward disrupting ransomware attacks, helping reduce safe havens for ransomware criminals, investigating the attacks, and more. The Joint Ransomware Task Force (JRTF), which pulls together resources from CISA and the Federal Bureau of Investigation (FBI), is one of the entities cooperating in this objective’s initiatives.

JRTF efforts in combatting ransomware include:

  • Compiling and sharing best practices for preventing and responding to ransomware attacks.
  • Investigating and conducting operations against ransomware threat actors.
  • Providing guidance and resources to organizations that are victims of ransomware.
  • Disrupting certain ransomware actors’ operations.
  • Identifying and constantly updating a list of highest-threat ransomware entities.
  • Gathering, analyzing, and sharing ransomware trends.

“The JRTF’s efforts can have a significant impact on healthcare organizations, especially those that have been targets of ransomware attacks in the past,” Richard explains.

Standardization: Strategic Objective 4.3, “Prepare for Our Post-Quantum Future,” contains initiatives aimed at securing and standardizing networks using quantum-resistant cryptography. Healthcare organizations may face hurdles to implementing quantum-resistant cryptography, but making changes is important.

“While the adoption of quantum-resistant public key cryptographic algorithms may present challenges for healthcare systems with legacy systems that may not support post-quantum cryptography, it is important for healthcare organizations to invest in encryption tools designed to withstand quantum-powered attacks,” Richard says.

What Are Healthcare Cybersecurity Experts Thinking?

The administration’s plan is a living document that will be updated annually with coordinated efforts by the Office of the National Cyber Director, which will report on the plan’s implementation to the President and Congress.

The government is seeking the coordination of the private sector, international partners, Congress, and other public entities, which will help the National Cybersecurity Strategy succeed.

“In general, these strategically aligned approaches will help protect our nation from foreign cyberthreats, which continue to accelerate in frequency, complexity, and severity. We will be watching closely to see how minimum cyber standards will be applied to the health care sector, and how those standards align with the cyber threat landscape analysis conducted by the sector,” said John Riggi, national advisor for cybersecurity and risk for the American Hospital Association (AHA).

Other experts see this plan as an opportunity for organizations to prioritize their cybersecurity to ensure their patients are protected from breaches, ransomware, and other attacks.

“Given that healthcare stands as a crucial infrastructure, consistently experiencing the highest costs associated with data breaches, this strategy offers a means for healthcare organizations to optimize their cybersecurity funding and execute cybersecurity measures that yield tangible outcomes,” Richard adds.