HHS addressed last month's worldwide ransomware attack through collaboration and communication, Adriane Burton, CIO of HHS' Health Resources and Services Administration, told Federal News Radio.
Ms. Burton said chief information security officers across HHS agencies started conference calls when WannaCry reports rolled out May 12, and HRSA even sent its security personnel to a HHS security operations center.
"We had different conference calls probably about every five hours in terms of what was the status, and then there were calls internally within HHS and also externally with different healthcare providers to make sure they were aware of the WannaCry as well," she told Federal News Radio.
Ms. Burton highlighted the importance of collaborating with outside organizations — such as healthcare providers and third-party vendors — in addition to HHS agencies.
"Just because we outsource or contract out different capabilities to vendors, it doesn't mean we aren't responsible for them," she told Federal News Radio.