New threat-sharing network for healthcare systems

The federal government has announced a $6.4 million investment to launch an Information Sharing and Analysis Centre (ISAC) for the Australian healthcare system.

In Australia and around the world, ISAC networks connect businesses and organisations across industries to help share information about cyber threats, as well as develop successful responses and preventative measures.

Mature ISACs are already operating in banking and finance sectors in Australia, but the government has acknowledged that government intervention to kick-start networks in other high-risk sectors is long overdue.

This pilot in health care is the first such intervention, but it is expected to pave the way for additional ISACs to be established in other industries.

Minister for Home Affairs and Cyber Security Clare O’Neil said, “The last two years has been the beginning of a big, overdue national journey to lift up cybersecurity across the country to better protect our citizens.

“Health care faces a vulnerability trifecta. Cybercriminals know that every Australian depends on these essential services — and that they cannot afford to be offline over extended periods.

Healthcare providers tend to hold highly sensitive data, and they often struggle with building and funding strong cyber protections.

“That’s why healthcare providers are one of the most common, and most damaging, targets of cyber attack. This is a pattern we see all over the world.

“Make no mistake — we expect Australian healthcare providers to step up and protect our citizens wherever possible. But government, too, needs to give them a hand.”

The Health ISAC Acceleration Grants Program will deliver grants over three years, with applications closing 23 July 2024, according to GrantConnect.

The program, said GrantConnect, aims to:

• establish a new ISAC, or upscale the operations of an existing ISAC, to facilitate ongoing industry-to-industry threat intelligence sharing within the health sector;
• improve capabilities with participating member organisations both to prevent, through emphasising hardening and resilience, and respond to cyber threats;
• establish an intelligence-sharing forum where participants interact and share information regarding cyber threats;
• drive benefit from, and provide benefit to, the National Cyber Threat Picture by ensuring any technical, machine speed threat intelligence sharing is compatible with the national cyber threat intelligence platform, Australian Signals Directorate’s Cyber Threat Intelligence Sharing (ASD CTIS);
• establish and maintain relationships with existing threat intelligence sharing forums to enable sharing of meaningful threat intelligence to the healthcare ecosystem.
   

For more information on the program and the eligibility criteria, visit business.gov.au.

Image caption: iStock.com/scanrail