WASHINGTON - During a Senate Health, Education, Labor, and Pensions Committee hearing today, U.S. Senator Maggie Hassan introduced and questioned Dover’s Joshua Corman, founder of I Am The Cavalry, about how cybersecurity breaches jeopardize public health in New Hampshire and how the federal government can better provide cybersecurity resources to smaller health care and education entities.
To watch Senator Hassan’s introduction of Joshua Corman of Dover and questioning of hearing witnesses, click here.
At the start of the hearing, Senator Hassan introduced Corman and discussed his professional experience in the cybersecurity sector.
“Mr. Corman is a founder of a volunteer organization called I Am The Cavalry, which focuses on using the cybersecurity skills of its members to protect public safety. He also recently served as the Chief Strategist on the Cybersecurity and Infrastructure Security Agency, or CISA’s, COVID Task Force, where he worked to protect the health care sector from cyberattacks and cyberespionage as the COVID-19 pandemic strained the sector,” Senator Hassan said. “As someone who has worked with members of both parties to strengthen cybersecurity at all levels of government, especially in small communities, I appreciate Mr. Corman’s work very much.”
During the hearing, Senator Hassan and Mr. Corman discussed the impact of cybersecurity breaches on public health in New Hampshire.
“You have pointed out how dangerous cyberattacks can be to the health and safety of the public,” Senator Hassan said, addressing Mr. Corman. “In your written testimony, you stated that cyberattacks on hospitals and health care settings can lead to additional patient deaths, and the impact is not limited to just the health care setting directly affected, but also in the surrounding region. As you know, over the past few years, ransomware has shut down several hospitals and health care settings in and around New Hampshire, including the University of Vermont Medical Center and the Coos County Family Health Services.”
Mr. Corman addressed the impact that these cyber breaches had on the health of Granite Staters.
“The question we asked is ‘can cybersecurity make [ICU strain] worse?’ and we were able to use data science to measure that ‘yes it can,’” said Mr. Cornan. “Just anecdotally, many of those affected systems in our neighboring state of Vermont, a lot of those patients were redirected and absorbed in the institutions of your own state.”
“I just heard a very sad story yesterday of a cybersecurity professional in New Hampshire whose mother needed an ICU bed,” Mr. Cornan added. “There were none within a 50-mile radius. She had to be treated less attentively in the ER and subsequently passed away. Now, this is not: this hack hit this person who did this. It’s that we have finite capacity in our systems, especially during a pandemic and with the mass exodus of healthcare workers.… There’s only so much capacity and when we are cavalier about avoidable, preventable harm, it has consequences.”
Senator Hassan then asked the witnesses about how the federal government can make smaller health care and education entities aware of cybersecurity resources. In response, witnesses shared that targeted advice for different sectors, and outreach by higher education groups would be most effective.
Senator Hassan's questioning builds on her previous work to strengthen cybersecurity across all levels of government. For instance, Senator Hassan successfully secured her bipartisan amendment in the most recent annual defense bill to ensure that the National Guard can help state and local governments and businesses improve their cybersecurity. In addition, Senator Hassan worked to pass into law her measure to create a Cybersecurity Coordinator in every state to help federal, state, and local governments, as well as schools, hospitals, and other entities, coordinate and better protect their systems against cyberattacks. Senator Hassan also helped secure a measure in the bipartisan infrastructure law to create and fund a state and local cybersecurity grant program.
###