HHS Releases Voluntary Cybersecurity Practices for the Health Industry

doctor-cyberattackOn Friday, December 28, the Department of Health and Human Services (HHS) released:  “Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients” [PDF]. The publication, aims to provide voluntary cybersecurity practices to healthcare organizations of all types and sizes, ranging from local clinics to large hospital systems.

The industry-led effort was in response to a mandate set forth by the Cybersecurity Act of 2015 Section 405(d), to develop practical cybersecurity guidelines to cost-effectively reduce cybersecurity risks for the healthcare industry. The publication marks the culmination of a two-year effort that brought together over 150 cybersecurity and healthcare experts from industry and the government under the Healthcare and Public Health (HPH) Sector Critical Infrastructure Security and Resilience Public-Private Partnership.

The HICP publication aims to provide cybersecurity practices for this vast, diverse, and open sector to ultimately improve the security and safety of patients. It explores the five most relevant and current threats to the industry and recommends ten Cybersecurity Practices to help mitigate these threats. The document presents real-life events and statistics that demonstrate the financial and patient care impacts of cyber incidents. It also lays out a call to action for all industry stakeholders, from C-suite executives and healthcare practitioners to IT security professionals, that protective and preventive measures must be taken now. The publication also includes two technical volumes geared for IT and IT security professionals. Technical Volume 1 focuses on cybersecurity practices for small healthcare organizations, while Technical Volume 2 focuses on practices for medium and large healthcare organizations. The last volume provides resources and templates that organizations can leverage to assess their own cybersecurity posture as well develop policies and procedures.

Public Input Sought on Federal Quantum Information Science Initiative

QIS Strategic Overview

In September 2018, the White House released a National Strategic Overview for Quantum Information Science [PDF] that directed federal research agencies to develop plans to ensure continued American leadership in QIS.  Towards that goal, the National Science and Technology Council through the National Science Foundation is seeking public input to inform this planning process. Responders are asked to answer one or more of the following questions:

1. What specific actions could the US Government take that would contribute best to implementing the policy recommendations in the Strategic Overview? What challenges, not listed in section 3, should also be taken into account in implementation of the Strategic Overview recommendations?

2. What are the scientific and technological challenges that, with substantial resources and focus over the next ten years, will transform the QIS research and development landscape?

3. Regarding industrial engagement, what roles can the U.S. Government play in enabling the innovation ecosystem around QIS-related technologies? Are there critical barriers for industrial innovation in this space? How can these barriers be addressed? What role can the U.S. Government play in mitigating early or premature investment risks?

4. How can the U.S. Government engage with academia and other workforce development programs and stakeholders to appropriately train and maintain researchers in QIS while expanding the size and scope of the `quantum-smart’ workforce?

5. What existing infrastructure should be leveraged, and what new infrastructure could be considered, to foster future breakthroughs in QIS research and development?

6. What other activities/partnerships could the U.S. Government use to engage with stakeholders to ensure America’s prosperity and economic growth through QIS research and development?

7. How can the United States continue to attract and retain the best domestic and international talent and expertise in QIS?

8. How can the United States ensure that US researchers in QIS have access to cutting-edge international technologies, research facilities, and knowledge?

NIST Releases Draft Recommendations to Enhance Federal R&D Commercialization 

In June, 2018, Arch Street participated in a stakeholder meeting at the National Institute of Standards and Technology (NIST) in Gaithersburg, Maryland as part of NIST’s Return on Investment Initiative, an effort led by the White House Office of Science and Technology Policy to “unleash American innovation” into the U.S. economy with a goal to maximize the transfer of Federal investments in science and technology to:

  • meet current and future economic and national security needs in a rapidly shifting technology marketplace and enhance U.S. competitiveness globally, and
  • attract greater private sector investment to create innovative products, processes, and services, as well as new businesses and industries.”

As part of this effort, NIST has released a draft green paper Return on Investment Initiative for Unleashing American Innovation [PDF] detailing steps to modernize the U.S. system of technology transfer and innovation. The actions outlined in the green paper would help maximize returns on the taxpayer investment in R&D.  The document makes recommendations across five key areas:

1 – Reducing Regulatory and Administrative Burdens
2 – Increasing Private Sector Engagement
3 – Promoting Entrepreneurship In Federal R&D
4 – Development of New Tech Transfer Tools
5 – Improved Metrics & Measurement of R&D Outcomes and Impacts

NIST will consider additional public feedback on the green paper by January 9, 2019, via roi@nist.gov. A final version is expected in early 2019.

 

DARPA to Host AI Colloquium

The DARPA AI Next campaign is a multi-year, upwards of $2 billion investment in new and existing programs to create the third wave of AI technologies. To raise awareness if this effort, DARPA is hosting an Artificial Intelligence Colloquium (AIC) from March 6-7, 2019 in Alexandria, Virginia. This event seeks to bring together the DoD research community and defense stakeholders to learn more about DARPA’s current and emerging AI programs, as well as discover how the myriad technologies in development could apply to their diverse missions.

During the two-day conference, attendees will hear from current DARPA researchers and program managers as they discuss work that is advancing the fundamentals of AI, as well as those programs that are exploring the technology’s application to defense-relevant challenges – from cyber defense and software engineering to aviation and spectrum management.

Federal Smart Cities Guidance Issued

NITRD Smart CitiesThe National Information Technology Research and Development (NITRD) Program issued has issued new guidance to federal agencies on Smart Cities entitled Connecting and Securing Communities.  The document instructs Federal agencies on how to enable U.S. cities and communities to build “smart” infrastructure, systems, and services.

Five high-level recommended practices are provided to inform Federal smart city and community efforts. Four effective approaches, illustrated by case studies from current and past Federal programs and projects, are provided to assist agencies in facilitating job growth and economic prosperity through Federally funded R&D in smart cities and communities.  The plan envisions agencies working with industry, local leaders, civil society, academia, and other key stakeholders to accelerate the development and implementation of new discoveries and innovations that enable cities and communities to achieve their local goals and address their most important challenges.