Monthly Newsletter – July 2021
July Newsletter features:
- H-ISAC’s 2021 Fall Summit — Call for Papers and Seeking Content Committee Members
- H-ISAC Exercise Series — Rethinking Resiliency Recap
- HSCC — Health Sector Cybersecurity Letter to US President Biden
- Community Services — Security Scorecard Highlight
- Working Group Highlight — IS Risk Management seeking new members
- Upcoming Virtual Events/Webinars
Pdf version:
Text version:
Health-ISAC Exercise Series: Up and Running!
On June 22, the first group of H-ISAC members worked through each step of their collaborative response to a ransomware attack scenario. Thank you to Gate 15 for help in developing and delivering this timely event.
Ōrdr is generously sponsoring this exercise series and presented Securing the Smart Hospital of
Tomorrow, Today as part of the exercise.
The next exercise in the series will be on Thursday, July 22, 2021. Members can register to participate and get more information here.
The Fall Summit is planned to be an in-person event.
Plan your trip now to meet face-to-face in sunny San Diego November 30—December 2.
Also, in response to great feedback from members who have not been able to attend our Summits in the past and participated this year virtually, content will continue to be accessible online for future
summits as well.
Let’s make this the best Summit yet!
Call for Content Committee Volunteers
Help us put together the agenda that YOU want to see. The time commitment is minimal. Committee members review submissions, select topics, evaluate the presentations for format and content value, and may assist with announcing sessions at the summit.
Call for Papers closes July 16th
Have an issue you solved? Is there a threat your team is monitoring? Speaking at H-ISAC Summits is a rewarding experience. Share your insights with your peers and become part of the quality content that is recognized at H-ISAC Summits. Submit your content here.
Top Health Related Cyber & Physical Events For July:
NATO Warns it Will Consider a Military Response to Cyber-Attacks
Members of Clop Ransomware Gang Arrested in Ukraine
Global Police Close Record Number of Fake Pharma Sites
French Antitrust Regulator Slaps $268 Million Fine on Google
Unknown Attacker Chains Chrome and Windows Zero-Days
Microsoft June 2021 Patch Tuesday Fixes 6 Exploited Zero-days, 50 Flaws
DoJ Seizes Millions in Ransom Paid by Colonial Pipeline to Darkside Hackers
Large Parts of Internet Offline Following Cloud Provider Issue
Suspect in Tennessee Hospital Bomb Threat Identified as Former Employee
French Antitrust Regulator Slaps $268 Million Fine on Google
HEALTH-ISAC SECTOR / WORKING GROUP UPDATES
Health Sector Cybersecurity: Letter to US President Biden
Similar to the borderless properties of a cyber breach, Health Sector security is a global issue and is in need of attention by global healthcare entities and their respective governing authorities.
The US Health Sector Coordinating Council (HSCC) wrote a letter to President Joseph Biden in hopes of highlighting the urgent need to strengthen the cybersecurity of healthcare and public health data, medical technology and information technology systems. To view the letter, go to:
https://h-isac.org/health-sector-cybersecurity-hscc-letter-to-president-biden/.
Health-ISAC Working Group: IS Risk Management — Get Involved!
Information security risk management is a critical capability to enabling action, focus, and risk reduction for any organization. While risk management principles and tactics are fairly “common”, our healthcare industry has an opportunity to collectively enhance our value and efforts by sharing best practices and challenges and learning together.
The group meets virtually on the 4th Thursday of each month at 2:00PM EDT. Email contact@h-isac.org to join the IS Risk Management WG and get involved with the conversations.
HEALTH-ISAC COMMUNITY SERVICES
SecurityScorecard provides Cyber Risk Ratings: COMPLIMENTARY OFFER FOR H-ISAC MEMBERS
With over 5 million companies scored (20 Million by the end of 2021), SecurityScorecard lets you continuously monitor and grade the External Cybersecurity Posture of any organization (these scores have a statistically relevant correlation with breach risk). Customers leverage SecurityScorecard’s solution to support a variety of use-cases that include, but are not limited to, Vendor Risk Management / Supply-Chain Risk Management, Enterprise Monitoring and Regulatory Compliance.
As part of the partnership, all H-ISAC members may receive a Complimentary SecurityScorecard Ratings Platform Enterprise Starter License, that enables you to monitor yourself and up to five third parties (Vendors, Suppliers, Customer, Peers, Competitors etc). In addition to the Ratings Platform, SecurityScorecard is also pleased to offer all H-ISAC Members Complimentary access to Atlas, its Questionnaire Exchange and Management Solution that is fully integrated with the Ratings Platform. As part of the partnership, all H-ISAC members are entitled to Complimentary Atlas access and the ability to send up to 5 Questionnaires. H-ISAC members can leverage Atlas’s upload capability to send the H-ISAC Supplier Questionnaire via Atlas to Suppliers and Vendors alike.
UPCOMING EVENTS — Or go to our Events Page https://h-isac.org/events/
HOW A CYBERATTACK DROVE HVHS TO MARKET-LEADING IOT SECURITY BY MEDIGATE
A Health-ISAC Navigator webinar
BY MEDIGATE
Wednesday, July 14th at 9:00 am PT / 12:00 pm ET
VISUALIZING YOUR DEVICE ECOSYSTEM & ITS EFFECT ON THREAT MODELING
A Health-ISAC Navigator webinar
BY ARMIS
Wednesday, July 21st at 10:00 am PT / 1:00 pm ET
RETHINKING RESILIENCY #2:
A VIRTUAL H-ISAC EXERCISE SERIES
Thursday, July 22 from 12-3:30 pm EDT
https://h-isac.org/hisacevents/rethinking-resiliency-a-virtual-exercise-series-2/
MODERN THREAT DEVELOPMENTS AFFECTING PATIENT SAFETY
A Health-ISAC Navigator webinar
BY ECLYPSIUM
Thursday, July 22 from 12-3:30 pm EDT
https://h-isac.org/hisacevents/modern-threat-developments-affecting-patient-safety-by-eclypsium/
H-ISAC MONTHLY MEMBER THREAT BRIEFING – JULY
Tuesday, July 27 from 12-1 pm EDT
https://h-isac.org/hisacevents/h-isac-monthly-member-threat-briefing-july-27-2021/
- Related Resources & News
- Leveraging ISO 81001-5-1 Amid Medical Device Procurement
- Mitigating risk as healthcare supply chain attacks prevail
- Enhancing Cybersecurity in Rural Hospitals
- Health-ISAC Hacking Healthcare 11-15-2024
- Cyber Incident Response: Playbook for Medical Product Makers
- Feds Warn of Godzilla Webshell Threats to Health Sector
- Trump’s Return: Impact on Health Sector Cyber, HIPAA Regs
- Health-ISAC Hacking Healthcare 11-7-2024
- Protecting the Healthcare Supply Chain Against Russian Ransomware Attacks
- All hospitals should be concerned about cyberattacks. Here’s why