With critical infrastructure constantly under myriad threats, sector-focused information sharing and analysis centers and organizations collect, analyze and disseminate actionable cyber and physical threat information to stakeholders and provide them with tools to mitigate risks and enhance resiliency. To mark Cybersecurity Awareness Month, Threat Beat asked:
1) What is the most pressing short-term security concern in your sector?
2) What is one thing the public and/or industry/government can do now to address this?
Read the article in Threat Beat to learn how nine sectors responded to the above questions: Click Here
- Downstream Natural Gas Information Sharing and Analysis Center (DNG-ISAC)
- Electricity Information Sharing and Analysis Center (E-ISAC)
- Faith-Based Information Sharing and Analysis Organization (FB-ISAO)
- Food and Agriculture – Information Sharing and Analysis Center (Food and Ag-ISAC)
- Health Information Sharing and Analysis Center (Health-ISAC)
- Multi-State Information Sharing and Analysis Center (MS-ISAC)
- Oil and Natural Energy Information Sharing and Analysis Center (ONE-ISAC)
- Space Information Sharing and Analysis Center (Space ISAC)
- Water Information Sharing and Analysis Center (WaterISAC)
Health Information Sharing and Analysis Center
(Health-ISAC)
Jon Crosson, Director, Health Sector Resilience
1) THREAT: Many health-sector organizations continue to see ransomware as their top cyber threat. These attacks don’t just steal data; they encrypt critical systems (patient records, lab results, imaging, etc.), which can directly endanger patient care. The cybercriminals even threaten to publicly release or sell sensitive patient information unless a ransom is paid. Phishing remains one of the main attack vectors for ransomware in the health sector and it’s becoming more sophisticated and personalized by using public information, AI, etc.
2) ADDRESSING THE THREAT: Organizations should follow basic cybersecurity hygiene and can use the voluntary guidelines published from a joint public-private partnership between HHS and the Health Sector Coordinating Council Cyber Security Working Group. The Cybersecurity Performance Goals can be found here.
To start, I would focus on 1) patching (stay up to date on new vulnerabilities and patch promptly), 2) back up systems and data (and ensure you can restore if needed – practice this!) and 3) use multifactor authentication for all remote access and for all privileged access (and ensure MFA is enforced for all these accounts on a regular basis).
