The US government introduced a $50 million program called UPGRADE to enhance cybersecurity in hospitals, automating vulnerability management to ensure quick deployment of patches with minimal disruption to critical healthcare services. The initiative focuses on developing cybersecurity tools to tackle the challenge of managing internet-connected devices unique to each healthcare facility, aiming to reduce delays in security patches caused by the necessity of keeping hospital infrastructure online. The program, led by ARPA-H, involves creating a vulnerability mitigation software platform, developing digital twins of hospital equipment, detecting vulnerabilities, and developing custom defenses
The initiative is part of efforts to strengthen healthcare cybersecurity resilience following recent ransomware attacks on healthcare organizations, emphasizing the importance of proactive cybersecurity measures to safeguard patient care and critical healthcare services. https://www.infosecurity-magazine.com/news/us-program-hospitals-patch/