Monthly Newsletter – March 2024
March’s Newsletter features:
- Health-ISAC Reacts — A Community for Immediate Response
- APAC Summit — Registration Still Open
- Now Available — A Productive Month for Sharing Actionable Resources
- Spring Americas Summit — Early Bird Registration Open
- Health-ISAC — News and Podcasts
- Health-ISAC Workshop — Enhancing Threat Awareness and Preparedness for Active Shooter/Hostile Event Response (ASHER) Attacks in Health Services Facilities
- RSA — Health-ISAC Member Meet-up, May 6th, 7-9 pm. RSVP opening soon
PDF:
Text version:
A Community for Immediate Response
Hours after the Change Healthcare incident was announced on February 21, Health-ISAC created a dedicated channel on Secure Chat to bring Members together to share desperately needed advice as organizations clamored for information needed to frame up their own response strategies. Just a few days later, over 600 people had joined the channel and more than 1,000 messages had been posted.
Members shared defensive strategies, threat intelligence, countermeasures, controls, and concerns. Operational impacts, workarounds, and threat-hunting tips were also big topics.
There was even a little fun in the dedicated chat as participants blew off some steam occasionally, especially to complain about not-so-useful information coming from a variety of sources.
This experience just reiterates the value a strong information-sharing community can deliver when an incident happens. Members worked together as a sector to identify gaps, impacts and actions needed to stay resilient and ultimately deliver patient care.
Errol Weiss
Health-ISAC
Chief Security Officer
COLLECTIVE SECURITY
The 2024 Health-ISC APAC Summit is Only 15 Days Away!
Speakers from across the globe are gearing up to connect with health sector security peers in Melbourne, Australia.
The last day to register is March 17.
Register and view the agenda here
https://h-isac.org/summits/2024-apac-summit/
Some Agenda Highlights
MONDAY – Attend the Hands-On with Google Chronicle workshop
TUESDAY – Catch a Member-led Round Table discussion such as Co-ordinated
Vulnerability Disclosure or Responsible AI Governance.
THURSDAY – Featured Speaker: Adam Dobell, former first secretary of the Australian government, will assess Australia’s cyber strategy and policy approach.
Champions of Security
Health-ISAC 2024 Spring Americas Summit
Keynote Announcement
David Kirk – Vice President of Strategy at Intermountain Health, will explore the future of healthcare.
Registration rises on April 20.
On-Site Rooms Go Fast – reserve today!
https://h-isac.org/summits/2024-apac-summit-hotel/
A Productive Month for Sharing Actionable Resources
These white papers are written by Health-ISAC analysts, Member-led working groups, or in collaboration with partners such as the American Hospital Association to provide Health sector leadership with resources and recommendations for strategic decision-making.
https://h-isac.org/hobby-exercise-2023-after-action-report/
HEALTH-ISAC NEWS AND PODCASTS
Healthcare Hack-tisim – Health Stealth Radio Podcast
Guest Denise Anderson kicked off the inaugural episode with Host Frank Cutitta, in cooperation with CHIME and Digital Health Insight
Listen to the podcast here: https://h-isac.org/health-stealth-radio-s1e1-denise-anderson-president-and-ceo-of-health-isac/
What Keeps Healthcare CISOs Up at Night? – Podcast in Cy Beat
Errol Weiss and Michael Bray share how quickly bad actors use new technology to create sophisticated attacks on valuable healthcare data.
Listen to the podcast: https://h-isac.org/cy-beat-podcast-what-keeps-healthcare-cisos-up-at-night/
HEALTH-ISAC ASHER WORKSHOPS
Is Your Healthcare Organization Prepared for Physical Threats?
Enhancing threat awareness and preparedness for Active Shooter/Hostile Event Response (ASHER) attacks
March 27 – Virtual 1:30-4 PM ET
April 16 – Virtual 1:30-4 PM ET
May 20 – Spring Americas Summit
HEALTH-ISAC WILL BE AT RSA 2024
San Francisco – May 6-9
Keynote speaker: J. Trevor Hughes, President & CEO of IAPP will speak on The Art of Possible
Health-ISAC Member Meet-up, May 6th, 7-9 pm. RSVP opening soon
ENGAGING TALKS & CONTRIBUTIONS – EXCLUSIVE MEMBER WEBINAR
In this March 28th webinar, Censinet CISO Chris Logan will discuss early insights from the 2024 Benchmarking Study, and how participants can drive immediate and long-term value from peer benchmarking.
Highlights include:
- How adoption of recognized security practices like NIST and HICP correlate with cyber insurance cost growth
- How CISO program ownership impacts NIST and HICP coverage levels
- How third-party risk management coverage levels rank across the industry
MARCH Health-ISAC EVENTS – Learn more and register HERE
https://h-isac.org/events/
March 7 Healthcare Cybersecurity Workshop & Exercise – San Diego, California – Hosted by Rady’s Children’s Hospital
March 13 Healthcare Cybersecurity Workshop & Exercise – Carrollton, Texas – Hosted by Cencora
March 16 T-SIG Webinar for SMB Members -Monthly on the 2nd Thursday at 11:30 AM ET
March 19-21 APAC SUMMIT – Cape Schanck, Melbourne, Australia
March 26 Member Monthly Threat Briefing – Virtual at 12 PM EST
March 27 European Member Monthly Threat Briefing – Virtual at 3 PM CET
March 27 ASHER Workshop (details highlighted directly above)
March 28 Engaging Talks & Contributions – Monthly on the last Thursday at 12pm ET
April 10 Healthcare Cybersecurity Workshop & Exercise – Rosslyn, VA – Hosted by Humana, sponsored by Acalvio
- Related Resources & News
- Leveraging ISO 81001-5-1 Amid Medical Device Procurement
- Mitigating risk as healthcare supply chain attacks prevail
- Enhancing Cybersecurity in Rural Hospitals
- Health-ISAC Hacking Healthcare 11-15-2024
- Cyber Incident Response: Playbook for Medical Product Makers
- Feds Warn of Godzilla Webshell Threats to Health Sector
- Trump’s Return: Impact on Health Sector Cyber, HIPAA Regs
- Health-ISAC Hacking Healthcare 11-7-2024
- Protecting the Healthcare Supply Chain Against Russian Ransomware Attacks
- All hospitals should be concerned about cyberattacks. Here’s why