Change Healthcare Wake-Up Call: Is Sector Too Codependent?

Video Interview in Healthcare InfoSecurity
Denise Anderson and Errol Weiss of Health-ISAC Discuss Critical Cyber Issues
Marianne Kolbasuk McGee (HealthInfoSec) • March 27, 2024
Access the video interview here:
https://www.healthcareinfosecurity.com/change-healthcare-wake-up-call-sector-too-codependent-a-24719
The Change Healthcare attack – the most disruptive cyber incident to ever hit the U.S. healthcare ecosystem – spotlights the risks that come from relying on a handful of major suppliers, said top leaders of the Health Information Sharing and Analysis Center.
“The real wake-up call was just the realization of how interconnected, how interdependent the healthcare sector is on a small number of service providers,” said Errol Weiss, chief security officer of Health-ISAC.
“Not only do we see a lot of patient inconveniences where people couldn’t get prescriptions filled or procedures were being canceled because of the lack of insurance information – hospitals were also dealing with an impact to cash flow because they couldn’t file those insurance claims,” Weiss said in an video interview with Information Security Media Group (see: Nursing Home Declares Bankruptcy, Blames Recent Cyberattacks).
“Now they’re suddenly cash-strapped and having financial issues as well. That level of interconnectedness and dependencies was something that took a lot of people by surprise, and we’ll certainly be looking at that going forward.”
In previous times of crisis, said Denise Anderson, CEO of Health-ISAC, the healthcare sector realized how reliant it is on too few major suppliers. Those times includes non-cyber related circumstances, such as in the aftermath of Hurricane Maria in 2017 and when the coronavirus pandemic disrupted supply chains, she said.
But the Change Healthcare incident revealed the degree of reliance on major IT vendors – and the domino effect that can happen – at a scope not seen before.
Listen to the entire video interview here:
https://www.healthcareinfosecurity.com/change-healthcare-wake-up-call-sector-too-codependent-a-24719
- Related Resources & News
- Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin
- New Cybersecurity Policies Could Protect Patient Health Data
- CyberWire Podcast: PHP flaw sparks global attack wave
- Health-ISAC Hacking Healthcare 3-14-2025
- HSCC Aiming to Identify Healthcare Workflow Chokepoints
- New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
- Are Efforts to Help Secure Rural Hospitals Doing Any Good?
- CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
- 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
- Cobalt Strike takedown effort cuts cracked versions by 80%