The heavy reliance of health systems on third-party vendors makes them susceptible to cyberattacks. The recent attack on Change Healthcare exemplified this vulnerability, impacting healthcare providers across the country. After a cyberattack, industry transparency is crucial, but difficult due to fear of legal repercussions, reputational damage or increased vulnerability. Erik Decker of Intermountain Health suggests sharing ‘indicators of compromise’ with the government and other groups to help other organizations identify threats.

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted