What Does ‘Shields Up’ Mean for Your Hospital?

March 23, 2022

U.S. leaders continue to warn of the potential for malicious cyber activity stemming from Russia’s invasion of Ukraine.

This week, President Joe Biden and U.S. national security advisors are urging organizations—including the health care community—to be vigilant about the potential for cyber threats, noting the rise in “adversaries compromising systems that use known vulnerabilities for which there are patches.”

National security officials have asked organizations to get their “shields up” to protect their cybersecurity and their critical assets.

“To be clear, there is no certainty there will be a cyber incident on critical infrastructure,” said Anne Neuberger, deputy NSA for cyber and emerging technologies. “So why am I here? Because this is a call to action and a call to responsibility for all of us.” 

This week, the nation’s cyber leaders are urging organizations to:

• Mandate the use of multi-factor authentication
• Deploy modern security tools on computers and devices
• Check with cybersecurity professionals to make sure systems are patched and protected against all known vulnerabilities, and change passwords across networks
• Back up data and ensure offline backups are beyond the reach of malicious actors
• Run exercises and drill emergency plans
• Encrypt data
• Educate employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly
• Engage proactively with local FBI field offices or Cybersecurity and Infrastructure Security Agency Regional Offices in advance of any incidents

“This is a critical moment to accelerate our work to improve domestic cybersecurity and bolster our national resilience,” President Joe Biden said this week.

HAP continues to monitor trends in cybersecurity and provide updates and guidance to members.

For more information, contact Jason Tomashunas, MS, CHEP, HAP manager, emergency management. John Riggi, the American Hospital Association’s senior advisor for cybersecurity and risk, also offers coverage and resources about health care cybersecurity.