“The Department of Veterans Affairs is requesting a $107 million increase to its FY2023 cybersecurity budget, providing greater funding to all areas of its broader information security program with a special focus on implementing zero trust precautions.”
“VA has sought to bring its overall IT systems in line with contemporary cybersecurity standards, part of a broader push across the federal government to implement measures like zero trust and protect against large spillover breaches like the 2021 SolarWinds attack, as well as mitigate the growing threat of ransomware attacks…”
“Much of VA’s cybersecurity focus rests on its rapidly modernizing health IT systems, with newly released budget documents outlining that ‘Modernizing VHA’s medical equipment, while improving its safety, cybersecurity and compatibility with VA’s electronic health record (EHR), requires deliberate systems engineering and extensive collaboration across VA lines of business and VHA clinical programs.'”
“This includes measures to protect both medical devices and patient information contained within the agency’s modernizing electronic health records system that is currently under its first wave of on-site rollouts.”
“Device security appears to be a particular focus of new funding allocations, with budgetary documents disclosing that ‘VA currently uses approximately 1,034,513 discrete medical devices across the enterprise to deliver healthcare to Veterans. Approximately 109,028 medical devices/clinical systems communicate on the VA information technology network and VHA – 342 Medical Services must be specially managed and routinely updated to address known and emerging cybersecurity risks.'”
“Over 10% of the requested VA cyber budget increase, totaling nearly $13 million, would go toward privacy and records management. The agency has requested a similar $13 million increase to CRISP (Continuous Readiness in Information Security Protection) operations ‘designed to reduce systemic information security risks across VA programs and systems to comply with federal security and privacy regulations.’ This represents a near 25% increase from 2022 CRISP budget, bringing its proposed total funding to $60 million in fiscal year 2023…” Read the full article here.
Source: VA Requests Over $100 Million Increase to Cybersecurity Budget – By Adam Patterson, April 11, 2022. GovCIO.