CyberCast: CMS Cyber Integration Center Leverages PenTesting to Protect Patient Data

The Centers for Medicare and Medicaid Services (CMS) Cyber Integration Center (CCIC) is the hub of cybersecurity strategy and response at the agency. The collaborative center focuses on internal assessments to protect sensitive patient data and improve threat detection.

Acting CISO Keith Busby explained how CCIC red, blue and purple security engagements teams are conducting Penetration Testing (PenTesting) to monitor the agency’s critical infrastructure and prevent malicious actors from causing devastating cyber attacks.

Busby shared details about the agency’s Risk Management Strategy, which uses secret scanning and other enterprise level technologies to mitigate risks. He also highlighted the Department of Health and Human Services (HHS) cyber performance goals agencies should be prioritizing to boost their resiliency.