The Australian government has granted $6.4 million to kickstart a new cyber threat-sharing network between organisations in the health sector.
First announced in June 2024, the Albanese-led grant has been awarded to not-for-profit cyber threat intelligence provider CI-ISAC.
Using the $6.4 million investment, CI-ISAC has created a new Health Cyber Sharing Network (HCSN) to help domestic health sector organisations exchange valuable cybersecurity threat information more quickly, securely and confidentially.
“The health and medical sector holds a large amount of incredibly private and personal medical and financial information,” said David Sandell, CI-ISAC Australia chief executive.
“We have already seen several high-profile data breaches in the health sector, and the new network can help members reduce their cyber risks.”
The grant was introduced after a string of unprecedented healthcare cyberattacks hit the likes of health insurer Medibank and prescriptions company MediSecure, alongside lesser-publicised incidents at St Vincent’s Health Australia and Medlab Pathology.
When funding was first flagged in June last year, the government acknowledged its intervention on kickstarting such information sharing capabilities was “long overdue”.
Posited as a “cyber neighbourhood watch” CI-ISAC said the HCSN will not only help eligible health organisations “collaborate and break down information silos”, but will also benefit from insights gained across other critical infrastructure sectors such as government, financial services and transport.
“Cyberattacks can also greatly disrupt important health services, and this industry cannot afford interruptions with patients' wellbeing at stake,” said Sandell.
CI-ISAC has served such notable organisations as Google Cloud AU, NBN and the Department of Industry, Science and Resources – with its current members spanning all of Australia’s 11 critical infrastructure sectors.
The company is currently offering complimentary 12-month memberships to eligible organisations.
Sharing is caring
CI-ISAC chief executive David Sandell told Information Age that in practice, the HCSN gives eligible health organisations access to “a number of different forums and services to share and consume information on cyber threats”.
“Our national intelligence office triages, analyses and helps build context to put recommendations around important cybersecurity information being shared among members,” said Sandell.
“That ultimately leads to an advisory for the receiving health organisation – say a clinic, pharmacy or hospital – which actually makes sense to a human and iterates what the threat is, and what needs to be done about it.”
Further to incorporating education for the health sector on attack surface monitoring, incident response plans, and cyber and insider threat training, Sandell explained members will receive “actionable summaries” which enable them to assess their risks and make appropriate mitigations or system changes.
When asked about the unique challenges of offering a threat intelligence service in healthcare, Sandell emphasised there is “significant overlap and commonality” in the threats facing critical infrastructure sectors.
“The government has identified the healthcare sector of needing initial support, so we’re leveraging the learnings from mature sectors – the information sharing – to help benefit those healthcare entities,” he said.
Prevention better than cure
CI-ISAC noted that in 2023, the global healthcare industry reported the most expensive data breaches for the 13th year in a row, at an average cost of $10.93 million.
Domestically, the most recently available statistics under the Notifiable Data Breach scheme show health service providers have remained the leading category to report data breaches for 18 months, accounting for 19 per cent of all notifications received in the first half of 2024.
CI-ISAC added healthcare is the first sector to receive formal funding for an information sharing and analysis centre under the 2023-2030 Australian Cybersecurity Strategy – specifically under an early Threat Sharing Acceleration Fund piloted through the health sector.
Australia’s national cybersecurity coordinator, Lieutenant General Michelle McGuinness, said the grant marked an “important contribution” to Australia's ambition to become a world leader in cybersecurity by 2030.
"Many in the healthcare sector would know well the philosophy that prevention is better than a cure,” said McGuinness.
“This also applies to cybersecurity and is the driving concept behind this grant.”