The European Commission unveiled its much-anticipated “action plan” aimed at reducing cyberattacks in the healthcare sector, which has been the most targeted industry in Europe over the past four years. However, the plan notably excludes any new funding, directing healthcare entities to existing resources instead.
Guidance Without Financial Backing
The plan proposes measures such as issuing cybersecurity guidance and providing a catalog of services that healthcare providers can leverage. Despite acknowledging the limited cybersecurity budgets across the EU, the Commission did not allocate additional funds for these initiatives.
Instead, the plan directs hospitals and healthcare providers to existing EU funding opportunities through programs like Digital Europe and Horizon Europe.
“Cybersecurity should be seen not as an expense but as an investment in protecting patient care and data,” a Commission spokesperson said.
Member States Hold the Reins
A critical challenge lies in the fact that healthcare security remains primarily under the jurisdiction of individual EU member states. While the EU’s NIS2 directive designates healthcare as critical infrastructure requiring specific security standards, implementation of the directive has been uneven.
As of now, only six of the EU’s 27 member states have incorporated the directive into their domestic laws, despite the October 2024 deadline.
Ransomware: A Persistent Threat
The Commission underscored the real-world impact of ransomware attacks on healthcare, pointing to incidents in Romania, France, Belgium, and Spain. Such attacks have caused delays in medical procedures, emergency room gridlocks, and raised the specter of potential loss of life.
Though no deaths have been definitively linked to these attacks, the implications are alarming, particularly as healthcare organizations struggle to implement effective cybersecurity measures.
ENISA’s Role: Limited Scope
The action plan tasks the EU Agency for Cybersecurity (ENISA) with creating a dedicated European Cybersecurity Support Centre for hospitals. However, this center will primarily offer guidance and provide a catalog of available services rather than direct, hands-on support.
Cloud Security and Resource Challenges
The plan also highlights broader issues facing the healthcare sector, including the inability to securely implement cloud services due to resource constraints. It encourages cloud service providers to include baseline security features but stops short of proposing any regulatory intervention.
A Period of Consultation
The Commission has opened the plan for consultation with member states and other stakeholders. The finalized version is expected in late 2025, leaving critical questions about implementation and funding unanswered in the meantime.
What This Means
The lack of new funding and direct support highlights the EU’s reliance on member states to shoulder the burden of protecting critical healthcare infrastructure. While the action plan provides guidance, the absence of enforceable measures and fresh financial resources raises concerns about whether these efforts will translate into meaningful change.
Support truth, health, and preparedness by shopping the Alex Jones Store through our link. Every purchase helps sustain independent voices and earns us a 10% share to fuel our mission. Shop now and make a difference!
https://thealexjonesstore.com?sca_ref=7730615.EU54Mw6oyLATer7a
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
