H-ISAC White Paper – “It’s not who’s first…it’s who puts the industry first”
“It’s Not Who’s First…
It’s Who Puts The Industry First“
By:
H-ISAC Threat Intelligence Committee
Jim Routh, CSO Aetna Global Security
H-ISAC – “The healthcare industry has been hit with two significant and subsequent cyber challenges in recent weeks (WannaCry and Petya) both of which caused business impact for several organizations and in both cases the damage was largely mitigated across the industry. This information is widely known; what is not widely known is what the role of information sharing was between private industry and the public sector specifically between the H-ISAC Threat Intelligence Committee members (TIC) and the HHS Healthcare Cybersecurity Communications and Integration Center (HCCIC). In times of cyber crisis it is imperative for all enterprises to understand what the indicators of compromise (IOCs) are, how the malware works and spreads, and ultimately what controls are effective. These three steps appear to be simple but can be illusive without the right access to cyber communities that share resources and analysis. The HCCIC supported the emergency response team in the HHS Secretary’s Operations Center (SOC) throughout both the WannaCry and Petya incidents. The HCCIC is how HHS carries out its cybersecurity responsibilities as directed in Presidential Policy Directive 41 and the National Cyber Incident Response Plan from the US Computer Emergency Readiness Team or US-CERT. The H-ISAC is the primary interface from the private sector for the HCCIC to share information and respond in times of business resiliency crisis.”
- Related Resources & News
- Health-ISAC Hacking Healthcare 10-15-2024
- Health-ISAC Welcomes Booz Allen Hamilton to the Ambassador Program
- Health-ISAC Hacking Healthcare 10-9-2024
- Monthly Newsletter – October 2024
- Health ISAC leads effort to transform SBOM information sharing under CISA-facilitated community work
- CyberEdBoard Insights: Phil Englert and Errol Weiss
- Health-ISAC Hacking Healthcare 9-10-2024
- Strengthening Healthcare Cybersecurity: Lessons from Recent Supplier Attacks
- Specialize in Securing Critical Infrastructure
- How AI is transforming cybersecurity, on defense and offense