Addressing the Risks to Critical Healthcare Infrastructure through Information Superiority

Connectivity is arguably one of the most critical elements of the modern era and a significant enabler of our nation’s healthcare system. Connectivity allows us to conduct business collaboratively, remotely control physical infrastructure, and provide both access and dissemination for a world of information.

The unfortunate side effect of this connectivity is that it also allows malicious actors to disrupt, disable, and threaten networked products and services upon which we rely. Cyberspace allows for the movement of traditional crimes into a virtual world, where they are more difficult to identify, investigate, or stop. Of particular concern to the healthcare industry are the vulnerabilities of collaborative databases with vast amounts of sensitive personal information and a continuously increasing amount of networked life-critical systems. As these systems become increasingly connected, there exists an amplified potential for large-scale, high-consequence attacks that could cripple an industry upon which the daily lives of Americans depend.

Information superiority is an advantage obtained by effectively collecting, processing, and disseminating information and denying an adversary the same. It is an essential link in efforts to limit the risks posed by cyber connectivity, providing access to timely and relevant threat information, the means to safeguard critical and sensitive information, and the ability to coordinate response strategies between stakeholder organizations to reduce vulnerabilities and manage the consequences of incidents.

GT2’s Center for Threat Management is a non-profit research organization established to provide the knowledge and practical expertise necessary to manage the effects of threats to commerce, critical infrastructure, and national security. CTM programs in cyber threat awareness and consequences management focus on understanding the hazards posed by cyber connectivity, as well as the impacts of interdependency, the inherent value of information, and the processes and partnerships by which identified threats can be mitigated.