The Australian government has announced a $6.4 million grant to the Critical Infrastructure – Information Sharing and Analysis Centre (CI-ISAC) Australia to establish a new cyber threat information-sharing network for the healthcare sector. This initiative comes in response to the increasing number of cyberattacks on healthcare organizations in Australia, including hospitals, health funds, and clinics.
Cybersecurity has become a major concern for Australia’s healthcare industry. Recent data breaches have exposed sensitive medical and financial information, putting millions of Australians at risk. The healthcare sector has reported the most expensive data breaches globally for 13 consecutive years, with an average breach cost of AUD $10.93 million in 2023—almost double that of the financial industry.
With over 750 government hospitals, 650 private hospitals, and approximately 6,500 general practitioner clinics in Australia, the sector is vast and highly interconnected. It also relies on numerous third-party vendors and suppliers, further increasing its vulnerability to cyber threats.
Introducing the Health Cyber Sharing Network (HCSN)
CI-ISAC’s newly created Health Cyber Sharing Network (HCSN) will facilitate collaboration within the healthcare sector by enabling faster and more secure sharing of cyber threat intelligence. The goal is to break down information silos and create a more resilient healthcare cybersecurity environment.
David Sandell, CEO of CI-ISAC Australia, emphasized the importance of the initiative, stating, “The health and medical sector holds a large amount of incredibly private and personal medical and financial information. We have already seen several high-profile data breaches in the health sector, and the new network can help members reduce their cyber risks. Cyberattacks can also greatly disrupt important health services, and this industry cannot afford interruptions with patients’ wellbeing at stake.”
The National Cyber Security Coordinator, Lieutenant General Michelle McGuinness CSC, also supported the initiative, calling it a crucial step toward strengthening Australia’s cybersecurity posture. “We have seen in recent years the very real impact that healthcare-related cyberattacks can have on millions of Australians. Increasing threat information sharing contributes to the prevention of cyberattacks and builds resilience,” she said.
How HCSN Will Strengthen Healthcare Cybersecurity in Australia
By joining the HCSN, healthcare organizations will gain access to threat intelligence shared by CI-ISAC’s existing members, which span across 11 critical infrastructure sectors, including energy, telecommunications, and finance. This cross-sector intelligence exchange will help the healthcare industry identify and mitigate threats more effectively.
To encourage participation, CI-ISAC is offering complimentary 12-month memberships to eligible health and medical organizations and their suppliers. Through this membership, participants will receive:
- Cyber threat intelligence reports from CI-ISAC’s National Intelligence Office (NIO)
- Cross-industry cyber threat insights
- Education and training programs on mitigating threats, insider threat detection, and incident response planning
- Access to a trusted, industry-led information-sharing network
CI-ISAC’s existing 100+ members include major organizations such as Google Cloud AU, NBN, NextDC, and Transgrid, among others. The involvement of these entities ensures that shared threat intelligence is backed by high cyber maturity levels.
Mixed Reactions from the Industry
While the initiative has been widely appreciated, some experts have expressed skepticism. Josh Atlee, an ICT Security Systems Administrator, raised concerns on LinkedIn post, saying, “I hope they don’t host it on what they refer to as ‘bulletproof’ hosting because there is no such thing in reality. $84 million on a firewall filter that failed miserably, so I have very low hope. Does Australian medical practices have to be compliant with HIPAA?”
His concerns highlight the importance of ensuring that the initiative is backed by strong cybersecurity measures and compliance with international standards like HIPAA.
The Road Ahead
With cyberattacks on the rise, the launch of the Health Cyber Sharing Network marks a significant step toward building a more secure and resilient healthcare infrastructure.
As participation in the network grows, the effectiveness of this initiative will depend on strong collaboration among healthcare providers, government agencies, and cybersecurity experts. The success of the HCSN could set a precedent for similar initiatives across other sectors, reinforcing Australia’s ambition to become a global leader in cybersecurity by 2030.
