Dr. Leslie Saxon Completes Term on HSCC Cybersecurity Working Group Executive Committee Which Releases 5-Year Plan 

Date: Feb 28, 2024
Category: Cybersecurity | News

Dr. Leslie Saxon, Executive Director, Center for Body Computing, has just completed her 3-year term on the Health Sector Coordinating Council’s Cybersecurity Working Group Executive Committee, which released its “Health Industry Cybersecurity Strategic Plan” (HIC-SP) at the ViVE 2024 conference in Los Angeles this week. 

“ I am proud of HSCC for their hard work in securing the safety of patients and patient generated data,” said Dr. Saxon. “The recently announced five-year plan will help secure the healthcare sector from attacks and minimize the impact of any single attack. I was proud to serve on the HSCC Executive Committee.” 

The “Health Industry Cybersecurity Strategic Plan” (HIC-SP) is a call to action for organizations, throughout the healthcare ecosystem, to implement foundational cybersecurity programs which address operational, technological, and governance challenges. HIC-SP guides C-suite executives, information technology and security leaders and government agencies toward investment and implementation of essential cybersecurity goals to head off those threats.

HIC-SP was developed over eighteen months among a large cross section of the Cybersecurity Working Group membership and government partners. It was structured to prepare for broad industry trends over the next 5 years with high level cybersecurity goals that can be achieved through the implementation of specific measurable objectives. Success will upgrade the diagnosis of healthcare cybersecurity from “critical” to “stable condition” by 2029, ensuring a healthcare cybersecurity future state in which:

  1. Healthcare cybersecurity, both practiced and regulated, is reflexive, evolving, accessible, documented, and implemented.
  2. Secure design and implementation of technology and services across the healthcare ecosystem is a shared and collaborative responsibility.
  3. Leaders in the healthcare C-Suite embrace accountability for cybersecurity as an enterprise risk and a technology imperative.
  4. A cyber safety net promotes cyber equity among under-resourced health organizations across the ecosystem.
  5. Workforce cybersecurity learning and application is an infrastructure wellness continuum.
  6. A “911 Cyber Civil Defense” capability to provide early warning, incident response and recovery is reflexive and always on. 

In publishing the HIC-SP, the HSCC will now begin the second phase of this program – to develop a consistent set of measurable outcomes and appropriate metrics for success. The HSCC CWG intends to release those measures by the end of 2024. 

The HIC-SP document and supporting material are available on the HSCC Cybersecurity website: https://healthsectorcouncil.org/the-plan/