Monthly Newsletter – August 2022
August’s Newsletter features:
- Health-ISAC’s 2022 EU Summit — Registration opens August 15th;
- Health-ISAC’s 2022 Fall Americas Summit — Registration opens August 29th. Don’t miss out on the 1 day ONLY Summitpalooza;
- Podcast — Listen to Eric Greenwald’s podcast on Medical Device Security with Errol Weiss and Phil Englert;
- Working Groups — Find one that interests you;
- New Ambassador– Google Cloud;
- Upcoming Events — Conferences and Webinars
Pdf version:
Text version:
European Summit Registration Opens August 15!
Summit link:
https://h-isac.org/summits/2022-european-summit/
Cast your Security Net to catch a boatload of networking and learning opportunities with Health-ISAC in Algarve, Portugal Oct 18-20, 2022 at the beautiful Hilton Vilamoura as Cascatas Resort & Spa. This southernmost region of Portugal is known for its gorgeous beaches, whitewashed fishing villages and historical castles, churches and ruins.
Exclusive Evening Event
Create lasting networking relationships with peers exploring historical Faro, the capital of Algarve. Then board a catamaran and sail past the world famous Ria Formosa – considered one of the seven natural wonders of Portugal, to a private island for dinner exclusive to Health-ISAC European Summit attendees. This is an event you don’t want to miss!
* * * * *
Fall Americas Registration opens August 29!
Summit link:
https://h-isac.org/summits/2022-fall-americas-summit/
Start mapping out your Route to Security Dec 6-8 in Phoenix, AZ. This is an exit not to be missed – famous for its renowned sessions and networking opportunities. Here is some feedback from previous attendees:
“Excellent, relevant content. Great networking opportunities, learning from
others, sharing information.” – Spring 2022 Summit Attendee
“A very unique conference, not too big, just the right size to really collaborate
and meet others in the healthcare security community.”
– Spring 2022 Summit Attendee
Register early and save $$
Summitpalooza $99 for one day only!! **August 29 **
Book your hotel right away. The Spring Americas Summit hotel room block sold out early. Hotel information will be coming soon through the Member list server.
* * * * *
Top Health Related Cyber and Physical Events for August
Healthcare Is Now the Industry Most Targeted by Hackers
https://www.bizcommunity.com/Article/196/148/229789.html
657 Healthcare Providers Affected by Ransomware Attack on Professional Finance -Company
https://www.hipaajournal.com/657-healthcare-providers-affected-by-ransomware-attack-on-professional-finance-company/
Clinics That Provide AbortionServices are Increasingly Worried About Security
https://www.npr.org/2022/07/26/1113615302/clinics-that-provide-abortion-services-are-increasingly-worried-about-security
US President Joe Biden Signs Cyber Bills into Law
https://thehill.com/policy/cybersecurity/3531553-biden-signs-cyber-bills-into-law/
NIST Selects 4 Quantum-Resistant Encryption Algorithms
https://www.helpnetsecurity.com/2022/07/06/quantum-resistant-encryption/
MI5, FBI Chiefs Warn of ‘Game-Changing’ Challenges From China
https://www.aljazeera.com/news/2022/7/7/mi5-fbi-chiefs-warn-over-china-in-rare-joint-address
Healthcare Cyber Security Market 2022 Research Report Analysis
https://www.taiwannews.com.tw/en/news/4588908
Researchers Share Techniques To Uncover Anonymized Ransomware Sites on Dark Web
https://thehackernews.com/2022/07/researchers-share-techniques-to-uncover.html
Hospitals Struggle with Staff Shortages as Federal COVID Funds Run Out
https://www.politico.com/news/2022/07/25/hospitals-staff-shortages-covid-funds-00047539
Free Decryptor Released for AstraLocker, Yashma Ransomware Victims
https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-astralocker-yashma-ransomware-victims/
PODCAST
On this episode of the The Internet of Threats podcast, Health-ISAC’s Errol Weiss (Chief Security Officer) and Phil Englert (Director of Medical Device Security) join podcast host Eric Greenwald to discuss the rising stakes of medical device cybersecurity, the growing role of government in regulating cybersecurity controls in healthcare, and how
Health-ISAC fits into the picture.
Podcast link:
https://sites.libsyn.com/409181/medical-device-security-should-i-worry-about-my-pacemaker-being-hacked
Topics discussed include:
- The government’s increased appetite for cybersecurity regulation (with a focus on medical device security);
How to protect against attacks with tens of thousands of different medical devices made by a wide array of different manufacturers and that do different things;
- The importance of having visibility into the components that make up those thousands of medical devices;
- Whether the SBOM (Software Bill of Materials) is ready to be a key control in the healthcare cybersecurity ecosystem.
Successful Public-Private Hobby Exercise
Last week in Washington, DC, participants representing public and private Healthcare and Public Health sector organizations discussed significant security and resilience challenges. The annual exercise included government keynote speakers, large group discussion, breakout room discussions, and ample networking opportunities.
WORKING GROUPS
By Members / For Members
Leveraging Health-ISAC’s community to address specific shared challenges, working groups serve as discussion forums to lead and drive solutions for the industry. Working groups create products such as re-usable templates, policies, whitepapers and best practices. Working group participants also often co-present at Health-ISAC Summits. Any member is welcome to join a Working Group!
View a full list of Health-ISAC working groups here:
https://h-isac.org/committees-working-groups/
NEW AMBASSADOR – GOOGLE CLOUD
Building A Resilient Healthcare Ecosystem With Health-ISAC
As part of Google’s investment initiative to advance cybersecurity in critical infrastructure, Google Cloud will bring experts and resources to the healthcare community and its leadership through Health-ISAC’s Ambassador program.
“Partnering with Health-ISAC just makes sense. We share a common vision that building a safe and reliable health ecosystem is our collective responsibility and keeps with values of respecting and protecting each other. This partnership should inspire other organizations with skills and capabilities that can contribute to these outcomes to join us,” said Phil Venables, CISO, Google Cloud.
Read full announcement here:
UPCOMING EVENTS:
LINKS AVAILABLE HERE: https://h-isac.org/events
August 3: Health-ISAC Navigator web by SimSpace – Improving Resilience Against Insider Threats
August 12: Member Meetup Dinner at DEFCON – Currently at capacity, but check back for openings
August 17: Health-ISAC Security Workshop, San Francisco – Hear best practices, share solutions and partake in an exercise
with physical security implications – Hosted by UCSF and generously sponsored by Ordr
Monthly Member Events
Community Services ETC Update
8/25 – Last Thursday of each month at 12pm ET.
Monthly Threat Briefing
8/30 – Last Tuesday of each month at 12pm ET.
- Related Resources & News
- Leveraging ISO 81001-5-1 Amid Medical Device Procurement
- Mitigating risk as healthcare supply chain attacks prevail
- Enhancing Cybersecurity in Rural Hospitals
- Health-ISAC Hacking Healthcare 11-15-2024
- Cyber Incident Response: Playbook for Medical Product Makers
- Feds Warn of Godzilla Webshell Threats to Health Sector
- Trump’s Return: Impact on Health Sector Cyber, HIPAA Regs
- Health-ISAC Hacking Healthcare 11-7-2024
- Protecting the Healthcare Supply Chain Against Russian Ransomware Attacks
- All hospitals should be concerned about cyberattacks. Here’s why