3rd Party Risk Management , Business Continuity Management / Disaster Recovery , Critical Infrastructure Security

How the Healthcare Sector Is Battling Top Threats

Denise Anderson, President and CEO of H-ISAC, on Industry Progress, New Risks
Denise Anderson, president and CEO, H-ISAC

While ransomware, third-party risk, phishing scams and insiders continue as the top threats facing healthcare and public health entities, the sector overall is becoming better prepared to deal with these issues than it was just a few years ago, says Denise Anderson, president and CEO of the Health Information Sharing and Analysis Center.

See Also: A Strategic Roadmap for Zero Trust Security Implementation

"We've come a long way," she says. "In 2010, we weren't even pairing up 'cybersecurity' and 'healthcare' in the same sentence." But when Hollywood Presbyterian Medical Center in 2016 publicly revealed it had paid an extortion demand in what was one of the first major ransomware attacks on a U.S. healthcare sector entity, "that painted a huge target on the back of healthcare," she says, awakening entities to the emerging threats.

In a video interview with Information Security Media Group at RSA Conference 2022, Anderson also discusses:

  • The theft of intellectual property from pharmaceutical makers during the COVID-19 pandemic;
  • The ransomware attack last year on Ireland's Health Services Executive;
  • The impact of new federal breach reporting mandates, including the requirement for critical infrastructure organizations to report ransomware payments within 24 hours.

Anderson is the chair of the National Council of ISACs and a health sector representative to the National Cybersecurity and Communications Integration Center, which is a Department of Homeland Security-led coordinated watch and warning center. She is a board member of the Global Resilience Federation and a member of the Cyber Future Foundation. Prior to H-ISAC, Anderson was a vice president of the Financial Services-ISAC.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.