Security chief touts the value of HICP, a cyber preparedness 'cookbook' with recipes for readiness

[InfoSec News <alerts () infosecnews org>]

https://www.healthcareitnews.com/news/security-chief-touts-value-hicp-cyber-preparedness-cookbook-recipes-readiness

By Mike Miliard
Healthcare IT News
November 20, 2019

In December of 2018, the U.S. Department of Health and Human Services 
published a four-part document known as Health Industry Cybersecurity 
Practices: Managing Threats and Protecting Patients.

The document, known by the acronym HICP (and pronounced like the reflexive 
sound one might make after eating too quickly), offers extensive voluntary 
cybersecurity tips and best practices to help healthcare organizations – 
whatever size or shape they might be, and wherever they are with their 
security readiness – some tried-and-true advice and achievable steps to 
take to improve their posture.

As required by Cybersecurity Act of 2015, section 405(d), HICP was drafted 
to help hospitals and medical practices more cost-effectively mitigate 
their cybersecurity risks. It was a two-year effort, compiled by 150 
healthcare and infosec experts, from the public and private sectors.

One of them was Erik Decker, chief security and privacy officer at 
University of Chicago Medicine, who served as industry co-lead on the 
project.

"We heard loud and clear through this process that providers need 
actionable and practical advice, tailored to their needs, to manage modern 
cyber threats," Decker explained upon HICP's publication in 2018. "That is 
exactly what this resource delivers; recommendations stratified by the 
size of the organization, written for both the clinician as well as the IT 
subject matter expert."

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_