Monthly Newsletter – January 2021
January Member Newsletter highlights include:
- A look at 2020 accomplishments
- Where in the World is H-ISAC?
- Upcoming webinars and virtual events
Pdf version:
Text version:
WHAT A YEAR!
A Look at H-ISAC Accomplishments in 2020
There is no other way to say it, 2020 was a challenging year in so many ways. Not only was the world grappling with a global pandemic, which led to an overnight shift to a remote workforce, telehealth visits and global supply chain constraints; but we also had to deal with a ramp up in malicious activity ending the year with discovering that a sophisticated threat actor conducted an enormous penetration of organizations both public and private and again raised the ugly spectra of the immense vulnerabilities presented by supply chains.
That being said, we had huge accomplishments at H-ISAC due to the hard work of our members and partners and others who contributed to helping the sector during the year. First and foremost, we celebrated ten years as the ISAC for the Health sector. We’ve come a long way in a very short period of time!
On the Threat Intelligence front, we conducted Monthly Threat Briefs and established the Monthly Threat Level. We expanded the staff in the Threat Operations Center (TOC) and the members on the Threat Intelligence Committee (TIC). We established a survey committee and survey process. We began producing our quarterly Threat Trends in the Healthcare Sector Quarterly Report with Perch. We also held a member webinar with a third-party organization regarding the incident they experienced. We completed the Mattermost and Okta transition as well as transitioned to Cyware for information dissemination. We developed an ISAC incident response checklist to standardize our response and services to members. We published 798 victim notifications, 77 threat bulletins, 51 vulnerability bulletins and members shared over 185,413 indicators of compromise.
During the initial COVID-19 response we had 43 actions that we undertook to provide value to members, including Friday Sharing Happy Hours, published joint products such as Incident Response and Return to Work Guidelines, created a PowerPoint deck of COVID-19 threats and mitigation strategies and partnered with external organizations to offer services, discounts and threat information with members.
We produced a number of white papers around topics such as Identity and Medical Devices, published a Medical Device Media Kit, held over 70 webinars, hosted several virtual workshops, conducted and/or participated in a number of exercises such as the first exercise in our Hobby series, added an analysis section to Hacking Healthcare and we conducted our first ever Hybrid Summit last month, which was very successful.
We updated our Member Code of Conduct as well as our membership agreement. We produced over 300 Member Engagement Dashboards to show granular participation in the ISAC. We published a statement on Inclusion and Diversity, and we started an Inclusion and Diversity Program and Committee. These are just some of the things we accomplished in 2020. We are looking forward to doing even more in 2021 and we have started off the year with two member calls regarding SolarWinds that have been well attended and received. Thank you for being a member of H-ISAC and contributing to the health and well-being of our community.
Happy New Year,
Denise Anderson
H-ISAC President and CEO
WHERE IN THE WORLD WAS HEALTH-ISAC IN 2020?
The 2020 Membership Landscape Showed Member Headquarters in 16 Countries plus many other Satellite Locations.
Current Headquarter Locations:
Australia, Canada, Denmark, France, Germany, Ireland, Israel, Japan, New Zealand, Portugal, Singapore, Sweden, Switzerland, the Netherlands, UK, and the USA.
UPCOMING HEALTH-ISAC GLOBAL EVENTS
H-ISAC Monthly Member Threat Briefing
January 26 at 12pm EST https://h-isac.org/hisacevents/h-isac-monthly-member-threat-briefing-15/
Medical Device Security 101 Virtual Conference
Partnered Event January 11-13, 2021 Archimedes Center for Healthcare Device Security https://h-isac.org/hisacevents/virtual-conference-archimedes-center-for-healthcare-and-device-security/
CTIA Analyzing the Threat
Threat Intelligence (TI) and Data Collection, Utilization and Protection Course
2-Day Course – Members Only
January 27th
Upcoming H-ISAC Summits
(Hybrid summits accommodate both in-person and live-stream virtual platforms)
23-25 March 2021 ….APAC Summit is canceled.
May 17-21, 2021 “Secured in Paradise” H-ISAC Hybrid Spring Summit in Naples, Florida. https://www.naplesgrande.com/
Nov 29-Dec 3, 2021…H-ISAC Fall Summit in San Diego, California. https://paradisepoint.com/
- Related Resources & News
- Leveraging ISO 81001-5-1 Amid Medical Device Procurement
- Mitigating risk as healthcare supply chain attacks prevail
- Enhancing Cybersecurity in Rural Hospitals
- Health-ISAC Hacking Healthcare 11-15-2024
- Cyber Incident Response: Playbook for Medical Product Makers
- Feds Warn of Godzilla Webshell Threats to Health Sector
- Trump’s Return: Impact on Health Sector Cyber, HIPAA Regs
- Health-ISAC Hacking Healthcare 11-7-2024
- Protecting the Healthcare Supply Chain Against Russian Ransomware Attacks
- All hospitals should be concerned about cyberattacks. Here’s why