Skip to main content

Monthly Newsletter – July 2023

July Newsletter highlights:

~ European Summit – Registration is open!
~ Fall Americas Summit – Call for Papers closes July 14
~ White Paper – Improving Medical Device Security by Moving from Shared to Defined Responsibility
~ Medical Device Security – Health-ISAC presented at AAMI Exchange
~ Community Services Program – Finite State has become a Community Service Provider!
~ Weekly Office Hours for Member Engagement – Ask any question
~ Blog: Cyber is Another Failure Marker – Phil Englert in TechNation
~ New Working Group – NIS2 Implementation
~ Workshop Video – YouTube link

Pdf version:

Text version:

Registration to Gateway to Security is open!

Join us in Dubrovnik, Croatia October 17-19

Come to draw on the experiences of a multitude of organizations globally to collaborate for resilience in healthcare.
Listen to what previous European Summit attendees are saying…
– Sessions and networking – event was fabulous!
– Great learning experience
– Good platform to connect and share experiences.

Early Bird registration is US $200 – through September 15!
Register at https://cvent.me/4bX9Gl

Fall Americas Summit

The Deadline is Approaching to Share S’more with your Peers.

Call for Papers closes July 14th.

Prepare for one of the greatest campfire stories on the range. Keynote speaker Shawnee Delaney will share her tales of espionage and cybersecurity, including tips to know when you are being recruited and how to respond if you are approached.

Registration opens August 21st with a SummitPalooza one-day only sale!

Learn more https://h-isac.org/summits/2023-fall-americas-summit/

Health-ISAC White Paper

Improving Medical Device Security by Moving from Shared to Defined Responsibility

5 Key Takeaways:
1. Define task responsibilities among stakeholders to reduce the overall risk of failure.
2. Develop a responsibility assignment matrix to help define task obligations for all parties supporting medical devices.
3. Gain an understanding of the responsibility distribution in operating software solutions through “black box” medical devices to cloud service.
4. Learn about procedures to identify necessary tasks and assign those tasks to responsible parties, set up a RACI matrix, and keep it updated with a continuous improvement cycle.
5. Find a RACI matrix template to define responsibilities for operational use. View paper here: https://h-isac.org/shared-responsibility-whitepaper-raci/

Medical Device Security

Health-ISAC at AAMI Exchange23

Sessions and discussions at AAMI Exchange23 in Long Beach, California in June were informative and encouraging. MedDevSec was a major theme with over 20 educational sessions focused on the topic. Health-ISAC’s VP Medical Device Security, Phil Englert, presented two sessions and staff interacted with attendees via an informational booth.

Community Services Program

Finite State has become a Community Service Provider!

Finite State offer to all Member Organizations Free SBOM + Firmware Risk Assessment for (3) products. Finite State helps organizations reduce risk around application and product security across the software supply chain. They provide SBOM generation, ingestion, and extended SBOM management.

Learn more here: https://h-isac.org/finite-state/

Resource Corner

New Office Hours for Member Engagement

Not sure how to navigate the new Member Portal? Want to learn how to add users to your organization? Join the Member Engagement Office Hours held each Tuesday from 3-4pm ET. The invite link is posted in SecureChat each Tuesday before the office hours occur

Blog: Cyber is Another Failure Marker

Phil Englert in TechNation https://h-isac.org/cyber-is-another-failure-marker/

New Working Group

NIS2 Implementation Working Group

This new group is for organizations doing business in the EU. The Group will collaborate on the NIS2 directive coming to the EU. The goal is to develop and coordinate the approaches for each country and implement it on a company level. Interested members should sign up on the Member Portal, reach out to the Member Engagement Specialist, or email contact@h-isac.org for support.

Workshop Video

Ever wondered what attending a workshop is like? View a snippet of our Workshop at ICON and learn why networking is so important.

YouTube video link: https://youtu.be/4qu3tU0Sk-o

MORE UPCOMING EVENTS View all Health-ISAC Events here https://h-isac.org/events/

July 11 Health-ISAC Preparedness and Resilience Tabletop Exercise Series in Waltham, MA Hosted at ElevateBio and sponsored by Palo Alto Networks

July 14 Health-ISAC Preparedness and Resilience Tabletop Exercise Series in Bend Oregon Hosted at St Charles Hospital and sponsored by Proofpoint

July 19 Google Discusses the Latest Threat Landscape Trends impacting the Healthcare and Cloud Sectors Ambassador webinar by Google Cloud

August 9 Defcon 2023 Member Meet Up Member and prospective member dinner

Top Health Related Cyber and Physical Events for July

U.S.: Florida Tornado Ranked EF2, Winds Of 130 Mph

U.S.: Hospitals Create Police Forces To Stem Growing Violence Against Staff

U.S.: New Hampshire Pharmacists Call This The Worst Allergy Season They’ve Seen In Years

Australia: New South Wales Health Workers Protest Labor’s Inaction On Wage Cap

MalasLocker Ransomware Targets Zimbra Servers, Demands Charity Donation

Uintah Basin Healthcare Data Breach Affects Over 100K

Police Operation SpecTor Arrests 288 Dark Web Drug Vendors and Buyers

FBI Seizes 13 More Domains Linked to DDoS-for-Hire Services

Bipartisan Bill Aims to Shut Rural Hospital Cyber Skill Gaps

North Korean APT Uses Malicious Microsoft OneDrive Links to Spread New Malware

This site is registered on Toolset.com as a development site.