HHS watchdog urges cyber governance overhaul

Auditors say the U.S. Department of Health and Human Services should buttress its ability to respond to cyberthreats by standardizing governance and controls across its many divisions – and also do a better job of overseeing its many contractors and the risk they introduce.

A fractured approach to cybersecurity with varying controls across division and programs “complicate HHS’s preparedness efforts to prevent or respond to cybersecurity risks,” wrote the HHS Office of the Inspector General in one of two new reports published this week.

Auditors noted improvements but said that efforts to consolidate cybersecurity functions “is often still dependent on each division and program.”

Read more at Healthcare Info Security