The Health Information Trust Alliance (HITRUST) recently announced plans for a series of exercises called CyberRX, which will simulate cyber attacks on healthcare organizations in order to evaluate the healthcare industry's cyber security preparedness (h/t Softpedia).
The exercises will be conducted in partnership with the U.S. Department of Health and Human Services (HHS) and major companies in the healthcare industry, including providers, health plans, prescription benefit managers, pharmacies and pharmaceutical manufacturers.
"I feel strongly that these exercises are needed as a crucial step in the healthcare industry's continued maturity around cyber threat preparedness and response," WellPoint vice president and chief information security officer Roy Mellinger said in a statement. "It will allow organizations to evaluate and improve their processes and identify gaps in what is needed industry-wide and from government."
The exercises will focus on the following key objectives:
- Develop a better understanding of the healthcare industry's cyber threat response readiness
- Measure the effectiveness of the HITRUST C3 in supporting the healthcare industry and opportunities for improvement
- Test the coordination with the U.S. Department of Health and Human Services relating to cyber threats and the healthcare industry response
- Document threat and attack scenarios of value for future exercises engaging additional healthcare industry organizations and in support of industry preparedness
"As cyber threats continue to increase and the number of attacks targeted at healthcare organizations rise, industry organizations are seeking useful and actionable information with guidance that augments their existing information security programs without duplication or complication," HITRUST CEO Daniel Nutkis said in a statement.