"Persistent Cybersecurity Threats Impede HHS Strategic Plans, Watchdog Warns"

According to a new report from the Office of the Inspector General (OIG), as the Department of Health and Human Services (HHS) strives for greater interoperability across the healthcare sector, the agency must increase efforts to modernize its approach to cybersecurity. The report, "Top Management and Performance Challenges Facing HHS," outlines the healthcare regulator's complex challenges, with a section dedicated to cybersecurity concerns. OIG discovered that HHS had made efforts to improve its posture, particularly following the Biden administration's executive order in May 2021 directing federal agencies to fundamentally and systemically change their approach to cybersecurity. HHS is finalizing its strategic plan, but the road ahead has challenges shared by the government and healthcare sectors, including persistent cybersecurity threats. According to the report, significant investments in resources, as well as cultural and organizational change, will be required. HHS has long struggled to meet the challenges confronting its information security program, with yearly reports from both the OIG and the Government Accountability Office (GAO) consistently deeming the program ineffective, under the Federal Information Security Modernization Act (FISMA) metrics. The most recent OIG audit, released in April, discovered that HHS failed to meet the "managed and measurable" maturity level for all five elements of the identifying, protecting, detecting, and recovering function elements required by Department of Homeland Security (DHS) guidance and FISMA. HHS is working to address these vulnerabilities to meet the executive order's requirements for federal agencies on specific cybersecurity standards and objectives by the end of fiscal year 2024, which includes adopting a zero-trust security architecture approach. This article continues to discuss HHS cybersecurity challenges. 

SC Media reports "Persistent Cybersecurity Threats Impede HHS Strategic Plans, Watchdog Warns"

Submitted by Anonymous on