Last week, the U.S. Department of Health and Human Services (HHS), through the Administration for Strategic Preparedness and Response, announced new efforts in ongoing work to protect the healthcare sector from cyberattacks. What’s new is a set of cybersecurity performance goals that are designed to improve the response to attacks and minimize residual risk. A recent analysis by HHS reports that federal law enforcement agencies are now treating cyberattacks on hospitals as “threat to life” crimes, and that rural hospitals face additional challenges, including antiquated hardware and software systems, rising cybersecurity insurance premiums, and securing talent with the right technical skills.