Healing healthcare cybersecurity with ‘whole-of-health’ approach

Retired Gen. Keith Alexander and Premera Blue Cross Chief Information Security Officer Adrian Mayers argue for structural changes organizations can make to address healthcare cyberattacks.
Health-ISAC mention:
A “whole-of-health” approach to cybersecurity complements current efforts by the Health-ISAC, as it adds to the mix both actionable attack intelligence about new and novel threats and a real-time, radar-like picture of the cyber threat landscape.
Link to article in Healthcare Dive:
Published January 4, 2023 by Keith Alexander and Adrian Mayers
Editor’s Note: Retired Gen. Keith Alexander is chief executive officer of IronNet and Adrian Mayers is chief information security officer at healthcare insurance nonprofit Premera Blue Cross.
With a trove of valuable patient information and low tolerance for downtime, the healthcare sector continues to get hit hard by cyberattackers. Healthcare suffers the highest average cost of a breach for any sector — a figure that has increased 42% since 2020. Now that’s painful.
We can — and must — do better to staunch the impact of relentless cyberattacks on the healthcare sector, especially when most organizations essentially are victims of well-funded cybercrime activity carried out by highly organized cyber criminal outlets and nation-state attackers (e.g., North Korea).
- Related Resources & News
- Health-ISAC whitepaper highlights cybersecurity responsibilities in medical device lifecycle, focuses on resilience
- Health-ISAC Hacking Healthcare 2-3-2025
- Exploring the Cybersecurity Roles of Manufacturers and Healthcare Organizations During the Medical Device Lifecycle
- Impacts of Proposed US Import Tariffs on the Global Health Sector
- NY Blood Center Attack Disrupts Suppliers in Several States
- 2025 Newsletter – February
- DeepSeek’s Security Risk Is A Critical Reminder For CIOs
- $6.4m to combat health sector cyber threat
- Threat Bulletin: SimpleHelp RMM Software Leveraged in Exploitation Attempt to Breach Networks
- EU Commission Calls for Health Sector ‘Cyber Action Plan’