Connect with us

Hi, what are you looking for?


Incident Response

Healthcare Industry Plans Cyber Attack Simulations

Industry-Wide Cyber Attack Exercises to Help Cyber Threat Preparedness and Response Coordination for the Healthcare Industry

Industry-Wide Cyber Attack Exercises to Help Cyber Threat Preparedness and Response Coordination for the Healthcare Industry

An upcoming series of cyber attack simulations for the healthcare industry hopes to help organizations prepare for emerging cyber threats and develop a better understanding of the industry’s cyber threat response readiness.

Dubbed “CyberRX”, the cyber attack simulation initiative will be led by the Health Information Trust Alliance (HITRUST) and will include the participation of providers, health plans, prescription benefit managers, pharmacies and pharmaceutical manufacturers, and the U.S. Department of Health and Human Services (DHHS). CyberRX will include two exercises, the first scheduled to place over a two-day period in the Spring of 2014, and the second during the Summer of 2014.

According to HITRUST, the exercises will examine both broad and segment-specific scenarios targeting information systems, medical devices and other essential technology resources of the healthcare industry.

HITRUST, which works with CISOs and CSOs of the nations’ largest healthcare organizations, the Department of Health and Human Services, and Department of Homeland Security, said the results will be used to evaluate the industry’s response and threat preparedness against attacks and attempts to disrupt U.S. healthcare industry operations.

CyberRX Cyber Attack Simulation

The Spring 2014 CyberRX exercise will include 12 organizations, HITRUST said. The group is mostly comprised of Summit participating organizations, such as Children’s Medical Center Dallas, CVS Caremark, Express Scripts, Health Care Service Corp, Highmark, Humana, UnitedHealth Group, and WellPoint.

“We have been coordinating and collaborating with HITRUST to enhance the resources available to the healthcare industry,” said Kevin Charest, chief information security officer, U.S. Department of Health and Human Services. “Our goal for the exercises is to identify additional ways that we can help the industry be better prepared for and better able to respond to cyber attacks. This exercise will generate valuable information we can use to improve our joint preparedness.”

Advertisement. Scroll to continue reading.

“I feel strongly that these exercises are needed as a crucial step in the healthcare industry’s continued maturity around cyber threat preparedness and response,” said Roy Mellinger, vice president and chief information security officer, WellPoint. “It will allow organizations to evaluate and improve their processes and identify gaps in what is needed industry-wide and from government.”

“As cyber threats continue to increase and the number of attacks targeted at healthcare organizations rise, industry organizations are seeking useful and actionable information with guidance that augments their existing information security programs without duplication or complication,” said Daniel Nutkis, chief executive officer at HITRUST.

These types of cyber exercises and cyber attack simulations are becoming more popular among industry organizations, government, and academia.

Late last year, dozens of London-based banks joined other financial institutions for a giant exercise to test their defenses against a cyber-attack. Dubbed “Waking Shark II“, details of the exercise were kept secret, but sources said it tested how banks coped with a sustained attack, focusing in particular on investment banking systems. 

In November 2013, NATO launched a series of cyber exercises to practice warding off massive, simultaneous attacks on member states and their partners.

In April 2012, Lockheed Martin, hosted emerging cyber leaders from U.S. and Canadian military service academies to test their capabilities against experts from the National Security Agency in the annual Cyber Defense Exercise (CDX).

In February 2013, HITRUST established a new working group to focus on developing an information sharing framework to address cyber-security incidents in the healthcare sector. The HITRUST Cybersecurity Working Group will address elements of the White House executive order to protect healthcare data and patients, HITRUST said.

Healthcare organizations interested in participating in the Summer 2014 CyberRX exercise can learn more here.

The findings learned from CyberRX will be compiled into a report and distributed to the industry and presented at HITRUST 2014 in April 2014.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Artificial Intelligence

ChatGPT is increasingly integrated into cybersecurity products and services as the industry is testing its capabilities and limitations.

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...