Monthly Newsletter – November 2021
November newsletter Highlights:
- H-ISAC’s 2021 Summit in Europe — Wrap up
- H-ISAC’s Fall Americas Summit — 4 weeks away…Have you registered and booked your room
- H-ISAC’s 2022 APAC Summit — Call for Papers opens 10 November, 2021
- Working Group Spotlight — Cybersecurity Awareness and Training Working Group
- Community Services Spotlight — Salt
- Upcoming Virtual Events/Webinars
Pdf version:
Text version:
Health-ISAC Summit, Netherlands An In-Person Success!
The second Health-ISAC European Summit was a great success! Held at the historic yet thoroughly modern Duin & Kruidberg Estates, attendees discussed current trends of healthcare security and innovative ways to maintain resilience. The discussion was robust and engaging and the group enjoyed the many networking opportunities the event offered.
A few speaker highlights include the Law Panel, Keynote Mikko Hypponen, who explained how a cyber arms race is currently in motion. A security panel from Prague spoke on current trends in cybersecurity. Summit sponsors Mastercard offered compelling data on third party risk in the Healthcare sector, while Intel471 took attendees on a deep dive into ransomware. Several members shared their unique use case scenarios and there is already buzz about the next Summit. Thank you to everyone who connected in Santpoort-Noord.
Time is Running Out…Book your hotel by November 5th
for the Fall Americas Summit!
San Diego, Nov 30—Dec 2, 2021
The S.S. H-ISAC is preparing to set sail for its 3-day tour to Intelligence Island. The island crew has been hard at work to ensure all castaways will be comfortable on this tropical island. An abundance of intelligence has washed up on the shore, so get ready for over 1800 minutes of informative sessions and more than 1200 minutes of networking opportunities with a growing number of attendees – 250 and counting! The Summit platform goes live November 8.
Register here: https://h-isac.org/summits/intelligence-island-fall-2021-summit/
Catch up on vintage Gilligan’s Island episodes on an outdoor screen with games on the beach. Dine with Orcas at Sea World. Summit emcee will be Emmy award winning consumer technology expert, Katie Linendall https:// katielinendoll.com/about.
Top 10 Health Related Cyber and Physical Security Events for November
Foreign Hacking Group Targets Hospitals, Clinics with Ransomware Attacks, Says New Report
Blackbyte Ransomware Decryptor Released to Recover Files for Free
US Authorities Issue BlackMatter Ransomware Alert
New Jersey Infertility Clinic Settles Data Breach Investigation with State and Pays $495,000 Penalty
EU Legislation Introduced to Ban Anonymous Domain Registration
Microsoft October 2021 Patch Tuesday: 71 Vulnerabilities, Four Zero-Days Squashed
Premier Patient Health Care Alerts Patients About Insider Data Breach
Data Breach Volumes for 2021 Already Exceed 2020 Total
Patient to be Charged After Discovery of Pipe Bomb Leads to Temporary Shutdown of ER
Health-ISAC APAC Summit
22-24 March 2022 in Singapore
Call for Papers opens 10 November!
Submit papers here: https://h-isac.org/events/
Anticipation for this inaugural Summit has been building since before the pandemic. Mark your calendar to join us in Singapore this spring. Join the content committee to help shape an informative agenda.
Interested members, please email Contact@h-isac.org
THREAT OPERATIONS CENTER
ACTIONABLE THREAT INTELLIGENCE
The Health-ISAC Threat Operations Center (TOC) works in coordination with the Health-ISAC Threat Intelligence Committee (TIC) to produce actionable threat intelligence. Observances noted by a TIC member are first investigated and corroborated by TOC intelligence analysts, reviewed by all TIC members, and then shared with Health-ISAC membership at large. These reports include recommendations and mitigation strategies and have been disseminated, in some cases, less than 24 hours after the initial observances of the threat. This timely generation of intelligence occurs in hope that such coordination can have a meaningful impact on the Health-ISAC membership and the overall security of the global healthcare sector. Members interested in being part of the TIC, please email Contact@h-isac.org
WORKING GROUPS
Attend the “CAT” WG Open Meeting!
December 8, 2021 – 10:00-11:00 am ET
The Cybersecurity Awareness and Training Working Group (CAT WG) is a confidential forum of Cybersecurity leaders and professionals from Health-ISAC member organizations focused on the education, development and knowledge-sharing of cybersecurity awareness and training materials and best practices
In lieu of a roundtable at this year’s Fall Summit, join us for a discussion with opportunities to ask questions and share ideas!
Interested? Email us here: Contact@h-isac.org
COMMUNITY SERVICES
API Security Risk Assessment from Salt
We’re excited to introduce our newest community leader, Salt Security. Salt provides API security across the full API lifecycle, with continuous discovery, attack prevention, and remediation.
Salt Security protects the APIs at the core of modern healthcare applications, using machine learning and AI to automatically and continuously identify and protect APIs. Deployed in minutes, it learns the granular behavior of APIs and requires no configuration or customization to pinpoint and block API attackers.
SALT is offering H-ISAC Members a no-cost API security risk assessment, and any member who purchases the SALT solution will receive three free months of API protection. Learn more here: https://h-isac.org/community-services/.
UPCOMING EVENTS —
Or visit our Events Page
Health-ISAC Hobby Exercise
In Washington, D.C.
November 2
https://h-isac.org/hisacevents/23870/
Health-ISAC “Continue the Discussion”
Open discussion on awareness and remote user engagement
November 3 at 8am ET
https://h-isac.org/hisacevents/continue-the-discussion-webinar-open-discussion-on-awareness-and-remote-user-engagement-and-tprm-oversight/
H-ISAC TOC Spotlight Webinar:
Creating & Maturing Your Medical Device Risk Program
November 4 at 12:00 pm ET
https://h-isac.org/hisacevents/h-isac-toc-spotlight-webinar-creating-maturing-your-medical-device-risk-program/
Rethinking Resiliency: Final Exercise in Series
Target Audience: Europe
Thursday, November 18 from 9am-12:30pm EST
Exercise sponsored by ORDR
https://h-isac.org/hisacevents/rethinking-resiliency-a-virtual-exercise-series-6/
Adaptive Risk Management for CISOs in the Healthcare Industry
by Health-ISAC Navigator, Risk Recon, a Mastercard company
November 10 at 2pm ET
https://h-isac.org/hisacevents/adaptive-riskmanagement-for-cisos-by-mastercard/
Protecting Healthcare from Ransomware and Identity-based Attacks
by Health-ISAC Navigator, Attivo Networks
November 10 at 1pm ET
https://h-isac.org/hisacevents/protectinghealthcare-from-ransomware-by-attivo-networks/
Removing the Fog of War
by Health-ISAC Navigator, Team Cymru
November 17 at 1pm ET
https://h-isac.org/hisacevents/removing-the-fog-of-war-by-team-cymru/
Cybersecurity: The Essential Step in Healthcare Transformation
by Health-ISAC Navigator, Akamai
November 18 at 2:30 ET
https://h-isac
Health-ISAC Monthly Member Threat Briefing
Tuesday, November 23 at 12pm EDT
https://h-isac.org/hisacevents/h-isac-monthly-member-threat-briefing-november-30-2021/
- Related Resources & News
- Leveraging ISO 81001-5-1 Amid Medical Device Procurement
- Mitigating risk as healthcare supply chain attacks prevail
- Enhancing Cybersecurity in Rural Hospitals
- Health-ISAC Hacking Healthcare 11-15-2024
- Cyber Incident Response: Playbook for Medical Product Makers
- Feds Warn of Godzilla Webshell Threats to Health Sector
- Trump’s Return: Impact on Health Sector Cyber, HIPAA Regs
- Health-ISAC Hacking Healthcare 11-7-2024
- Protecting the Healthcare Supply Chain Against Russian Ransomware Attacks
- All hospitals should be concerned about cyberattacks. Here’s why