Monthly Newsletter – September 2020
September newsletter highlights include:
- Upcoming H-ISAC Summit updates
- H-ISAC Board of Directors election information
- H-ISAC and HSCC call to participate in the Joint Cybersecurity Working Group
- H-ISAC Products & Services Satisfaction Survey
- H-ISAC Shared Services updates – Third Party Risk Scoring with Security Scorecard
- Upcoming workshops and webinars
Pdf version
Plain Text version:
H-ISAC European Summit
Postponed to 2021
With so many H-ISAC member organizations on continued travel restriction surrounding COVID-19, the Health-ISAC Summit Committee has made the difficult decision to postpone this year’s European Summit, which was scheduled to commence next month 20-22 October in the Netherlands. Health-ISAC Events staff are working hard on logistics to change this Summit and the new dates in 2021 will be announced soon. Thank you to all those who turned in presentations and sponsorships; you will be contacted shortly with important information.
H-ISAC Hybrid Fall Summit
Join Health-ISAC for its First Hybrid Summit—both Virtual & In-Person
H-ISAC is excited to bring the best of both worlds to the November 30—December 4 Fall Summit. Those able to travel are invited to come to Phoenix, Arizona for in-person sessions and those with travel restrictions will be able to participate using a new virtual platform.
The Summit Committee is diligently reviewing paper submissions and presenters will be notified September 14. Look for registration to open mid-September.
H-ISAC Board Elections
This year’s Health-ISAC Board election nominations are now closed. Ballots will open for voting in early October. As mentioned in last month’s newsletter, the POC from each member organization will vote on the proposed slate of candidates prepared by the Nominating Committee and approved by the Board.
Board Elections are an opportunity to step forward and make a difference. Serving on the Health-ISAC Board is a position to be an advocate for security maturity both within your own organization and for the global health and public health critical infrastructure. Board members can provide opportunities and circumstances that take down barriers and make it easier to collaborate and share for the benefit of all organizations within the healthcare sector and the patients they serve.
Prepare Now for Next Year’s Elections
The best way to become eligible as a Board candidate is to raise your hand and get involved. H-ISAC seeks senior leadership members who participate in working groups, attend and present at H-ISAC Summits and workshops, contribute to the shared data, and respond to member questions on our communication platforms. Each Board member is comprised of a plethora of different work experiences and contributes a vital service to the H-ISAC community.
HEALTH-ISAC and HSCC
Call to Aid Development of Actionable Best Practices for Healthcare Subsectors
Many H-ISAC members are involved with the Health Sector Coordinating Council (HSCC), a U.S. federal advisory committee established to work collectively with the government to address policy and strategic challenges shared across all 6 of the critical healthcare subsectors – Direct Patient Care; Health Information Technology; Health Plans & Payers; Labs, Blood & Pharmaceuticals, Mass Fatality Management Services; and Medical Materials. H-ISAC and HSCC are considered complementary functions for critical infrastructure protection – H-ISAC for tactical and operational preparedness and response, and HSCC for longer-term strategic and policy thinking.
Actionable best practices and recommendations are continually being developed by the HSCC Joint Cybersecurity Working Group (JCWG) to improve the security and resiliency of the sector. The success of on-going projects is defined by the time and human capital an organization is willing to commit. The JCWG has produced 10 guidance documents
and 5 policy letters in the past 18 months (https://healthsectorcouncil.org/hscc-recommendations/) with several more in the pipeline for publication before the end of the year.
Please participate in this important responsibility. For more information about task group objectives and membership expectations, please request information within https://HealthSectorCouncil.org /contact/.
SHAPE H-ISAC MEMBER SERVICE OFFERINGS
H-ISAC Products & Services Satisfaction Survey
H-ISAC is currently asking for input regarding current services. Please take the 2020 P&S Satisfaction Survey at
https://www.surveymonkey.com/r/PSSat20. Additionally, if you are interested in new products or services for
education, medical device security, or third-party risk, please take the appropriate survey on the H-ISAC Portal.
Third-Party Risk Scoring Update — SecurityScorecard
H-ISAC members are eligible for complimentary access to
SecurityScorecard.
See the details at https://h-isac.org/securityscorecard/, Since the
launch in April, 42 members have signed up. The following are
H-ISAC consolidated statistics due to the use of SecurityScorecard:
Average Vendors Followed by Members | 93 |
Total Vendors Followed by Members | 2,242 |
Average Issues Resolved by Followed Vendors | 4,983 |
Total Issues Resolved by Followed Vendors | 579,978 |
Average Followed Vendor Score Improvement (30 days) | 1.8% / .7 Pts |
Average Followed Vendor Score Improvement (60 days) | 3.0 % / 1.2 Pts |
Shared Services Webinar
How Blue Cross and Blue Shield of Kansas City
Broke Down Their TPRM Silos with Prevalent
Webinar date: September 17th at 1pm ET
Registration link:
https://lp.prevalent.net/2020-09-17_BCBS_Webinar_H-ISAC.html
UPCOMING WORKSHOPS AND WEBINARS
Find registration links here https://h-isac.org/events/
H-ISAC Navigator Webinar
How to Stay Ahead of Maze and WastedLocker
Ransomware by SafeBreach
Webinar date: September 16 at 1pm ET
Registration link:
https://h-isac.org/hisacevents/how-to-stay-ahead-of-maze-and-wastelocker-ransomware-by-safebreach/
Cyber-Risk Planning Workshop: Remote Care
September 17th at 11am-1pm ET
AEHIS/CHIME and H-ISAC are hosting a Virtual Cyber-Risk Planning
Workshop on Remote Care for members across both organizations.
H-ISAC European Council Webinar Series
September 11 at 11am GMT
The theme is Red Teaming and will explain the use of Bloodhound to
identify & remediate security gaps.
H-ISAC Webinar: Cybersecurity Resilience in the World of COVID-19
September 18 at 1pm ET
In this H-ISAC webinar, experts discuss real world security experience during the pandemic.
H-ISAC Virtual Security Workshop—Germany
Two Half day sessions September 23/24
Data privacy regulations in Germany;KRITIS 2.0 lessons learned; Healthcare security and Medical Device regulations.
- Related Resources & News
- Leveraging ISO 81001-5-1 Amid Medical Device Procurement
- Mitigating risk as healthcare supply chain attacks prevail
- Enhancing Cybersecurity in Rural Hospitals
- Health-ISAC Hacking Healthcare 11-15-2024
- Cyber Incident Response: Playbook for Medical Product Makers
- Feds Warn of Godzilla Webshell Threats to Health Sector
- Trump’s Return: Impact on Health Sector Cyber, HIPAA Regs
- Health-ISAC Hacking Healthcare 11-7-2024
- Protecting the Healthcare Supply Chain Against Russian Ransomware Attacks
- All hospitals should be concerned about cyberattacks. Here’s why