During the COVID-19 pandemic, there has been a dramatic increase in cyberattacks targeting hospitals and health systems, including disruptive ransomware attacks that have interrupted patient care and risked patient safety. As a result of COVID-19, financially constrained hospitals and health systems often have fewer resources to bolster their cybersecurity defenses to protect their expanded networks, their data, and most importantly, their patients and the communities they serve.
Our goal is to help AHA members develop the defenses they need against these threats. The AHA’s John Riggi, a former FBI cyber executive and a nationally recognized expert, is here to serve as a powerful resource to advise and assist the health care field in mitigating the many cyber and physical risks it faces.
Stay up-to-date on the latest cybersecurity news, resources and alerts from the AHA.
Strategic Cybersecurity and Risk Advisory Services
Mitigate cyber and physical risks with these assessment and consultative services.
Cyberattacks are increasing against hospitals and health systems, including frequent high-impact ransomware attacks, which disrupt delivery of patient care and risk patient safety. Cybersecurity vulnerabilities and intrusions pose risks to every hospital. While there are significant benefits for care delivery and organizational efficiency from the expanded use of networked technology and electronic exchange of health information, this greater connectivity increases exposure to potential cybersecurity threats. Our goal is to help AHA members to mitigate the many cyber and physical risks hospitals and health systems face every day.
Leadership Cybersecurity Education and Awareness Services
Strategic guidance, education and tabletop simulations for your leadership and board.
Hospital C-suite and other senior leaders shouldn’t view cybersecurity as a purely technical issue falling solely under the domain of their IT departments. Rather, it’s critical to view cybersecurity as a patient safety, enterprise risk and strategic priority — and instill it into the hospital’s existing enterprise, risk-management, governance and business-continuity framework. Our goal is to help AHA members understand cyber risk goes far beyond an IT risk and responsibility and should be addressed in the enterprise risk management framework that encompasses patient care and safety, financial, legal, regulatory, operational, privacy, reputational and strategic risks.
Cyber and Risk Incident Response Strategy and Advisory Services
Incident response services and assistance with response, mitigation and remediation plans.
What are best practices for preparing for cyber and risk incidents? What do you need to do once an incident strikes? Our goal is to be powerful resource for AHA members to guide them through the development of their strategic approaches to prevent, prepare for and mitigate potential cyber risk and attacks.
Law Enforcement and National Security Relations
Government liaison services related to cybersecurity and risk issues and active incidents.
Preparing for and responding to cyberthreats often requires interaction with the government, law enforcement and the intelligence community. Our goal is to serve as expert advisor and be the connection between AHA members and government agencies as they experience and recover from a cyberattack.