Skip to main content

2025 Sat Survey Cybersecurity Services

    • Threat Bulletins
      • Threat Bulletins are distributed by the Threat Operations Center following confirmation and validation of a suspected threat actor or actors posing an immediate threat to the sector. Threat Bulletins often include details related to the threat, mitigation strategies for the threat, and indicators of compromise for assessing how relevant the threat is within your environment.
    • Vulnerability Bulletins
      • Vulnerability Bulletins are distributed by the Threat Operations Center after analysis and validation of a vulnerability potentially impacting Health-ISAC member networks. Medical Device Vulnerability disclosures are also distributed to the HDO community.
    • Targeted Alerts
      • Targeted Alerts warn members of high risks specific to their network – including things like vulnerable servers, cyber criminals selling access to their networks, stolen intellectual property, compromised credentials (usernames / passwords) and more.
    • Health-ISAC Threat Intelligence Portal (HTIP)
      • HTIP is a one-stop-shop for Members to access valuable threat data from a variety of sources to members in a consolidated feed of informative and actionable threat intelligence. HTIP includes: a document library; a knowledge base; an alert portal; anonymous sharing of threat intelligence; easy access to RFI submission; and a Member directory. Health-ISAC Indicator Threat Sharing (HITS)
    • Health-ISAC Indicator Threat Sharing (HITS)
      • HITS is a real-time (machine-to-machine) exchange of cyber threat indicators and is one of the most economical ways to protect a Member’s assets and ultimately reduce the prevalence of cyberattacks.
    • Finished Intelligence Reports
      • Finished Intelligence Reports have a greater focus on analysis than a traditional bulletin. These reports are developed as topics of interest are voiced by members and developed into finished intelligence reports by the Threat Operations Center team and Health-ISAC organized working groups devoted to member concerns and topics.
    • Monthly Threat Briefs (MTB)
      • The TOC hosts and delivers the MTB for Health-ISAC members aided by sponsors and partners to provide timely updates on threats and risks in healthcare. Held normally on the last Tuesday of the month at noon ET, the MTB covers Current Threat Trends in Healthcare, Cyber Crime, Nation State, Physical Security, Legal & Regulatory, Significant Upcoming Dates and recent Health-ISAC publications.
    • Daily Cyber Headlines
      • The Daily Cyber Headlines provide insight into relevant healthcare related emerging threats, reports, and legal issues related to cybersecurity.
    • Hacking Healthcare
      • The Legal & Regulatory Blog is written by Health-ISAC staff, in collaboration with Health-ISAC members. It is intended as another sharing tool for community members and as an example of the types of information you have access to as a member of Health – ISAC.
    • Bi-weekly Geopolitical Watchlist
      • The goal of the Health-ISAC Geopolitical Watchlist is trifold. First, it seeks to help the membership mitigate global risk through geopolitical awareness. Second, it seeks to allow members to preemptively identify global risk. Third, it facilitates a broader international awareness campaign that is critical to keeping business resilience strategies current.
    • Cyber Threat Level
      • The Health-ISAC Threat Advisory Level establishes an overall advisory level for Health-ISAC members by the Threat Intelligence Committee (TIC). The TIC reviews the Threat Advisory Level at least monthly and can adjust as needed in case of unique security events or incidents. The Threat Advisory Level is sent to Health-ISAC members and partners and includes the top issues driving the threat level.
    • Healthcare Heartbeat
      • Healthcare Heartbeat is produced quarterly and covers Cybersecurity Trends and Threats in the Healthcare Sector. The document provides high level observations and statistics of ransomware, cybercrime trends, and malicious actor forum postings that could potentially impact healthcare sector organizations.
    • Exercises
      • Americas Hobby Exercise :The series is named after Oveta Culp Hobby, the first secretary of Health, Education, and Welfare. The annual exercise includes participants from the public and private sector who come together in a facilitated discussion format designed to encourage engagement and collaboration. The exercise has three distinct principles that help to ensure its continued effectiveness:
      • European Hobby Exercise: The series is named after the Eurasian Hobby, a very bold and courageous falcon. The annual exercise includes participants from the public and private sector who come together in a facilitated discussion format designed to encourage engagement and collaboration. The exercise has three distinct principles that help to ensure its continued effectiveness:
      • Regional Workshops & Preparedness & Resilience Tabletop Exercise (TTX) Series: The regional workshops are events held at member host locations that provide an opportunity for members and prospective members to share information, best practices, lessons learned, current threats, and new ideas and solutions with their colleagues and learn from others. These events also provide an opportunity to meet and build relationships with colleagues. Many workshops also include a TTX consisting of a fictional scenario targeting healthcare entities. The Health-ISAC Preparedness & Resilience TTX series is a facilitated discussion that captures strengths and areas for improvement, that is incorporated into a final exercise series after-action report that is shared with members.
      • Member TTX as a Service: Health-ISAC will plan and execute an internal discussion-based exercise for your organization. We require a small planning team (2-3 individuals) to assist with objectives and scenario development. This provides an opportunity to have Health-ISAC facilitate an exercise for your organization to test any plans, processes, and procedures that you desire. There is a cost associated with this service.
    • Annual Threat Report
      • The annual threat report enables healthcare security professionals worldwide to ensure operational resilience by enhancing situational awareness and strengthening their ability to detect, mitigate and respond to cyber threats