Monthly Newsletter – November 2022

November 1, 2022

#newsletter

November Highlights:

~ Successful European Summit in Portugal: photos and highlights with dates for 2023 in Croatia
~ Fall Americas Summit Final Checklist
~ 11/9 Healthcare Cybersecurity Workshop Co-hosted by Health-ISAC / American Hospital Association / and Georgia Hospital Association
~ Newest Addition to Health-ISAC’s Community Services: Flare
~ Health-ISAC Navigator whitepaper by Clearwater: Keeping Patient Data Secure in the Cloud.
~Upcoming Events and Top 10 Cybersecurity headlines

Pdf version:

Text version:

Third European Summit – A Huge Success!

Aligning with traditional Portuguese fishing culture, Casting the Security Net indeed served as a tool to gather the European healthcare security community. As Denise Anderson, Health-ISAC President and CEO described in the Summit’s opening dialogue, the word
“net” has several meanings: to create a barrier to keep threats out, to capture or trap
threats, to protect like a safety net, and to connect, as in networking. And networking abounded in Algarve! Attendees are still buzzing about how great the networking was and how the content was so relevant to their work.

One summit attendee commented that “the majority – if not all – of the presentations had meaningful content to me,” and rated as Excellent the “level and spirit of networking.”

A fishing net is an ideal image to hold going forward – protection, safety, capture,
abundance, gathered resources, and best outcomes. Inspired by the words of the
Summit’s CISO Panel, let’s “keep the spirit of collaboration alive” throughout the entire Health-ISAC community.

The European Council announced the NEW Securitas Award, named after the Roman Goddess Securitas.

Securitas is a protective Goddess who watches over not only individuals in need but also entire empires. The recipient of this award at the next European Summit will similarly have contributed to the protection of Health-ISAC’s European community. We encourage
members to share information, collaborate and strive to become our FIRST Securitas Award recipient in 2023!

Save the date for next year’s European Summit in Dubrovnik, Croatia!: October 17-19

Fall Americas Summit

Route to Security Checklist

View the Agenda here: https://h-isac.org/summits/2022-fall-americas-summit/

Step 1 – Register. Mark your trip on the map; registration closes November 28

Step 2 – Book your hotel. No need to sleep in the car – Hotel group rate is available until November 11 or until the room block is sold out (and it is getting close)

Step 3 – Book your travel. Arrive at the starting line Monday to be ready for Working Groups and Member Round Tables bright and early Tuesday morning.

Go home Friday feeling refreshed, inspired, fully connected – and with a full tank!

REGIONAL WORKSHOPS

HEALTHCARE CYBERSECURITY WORKSHOP

Co-hosted by Health-ISAC / American Hospital Association / and Georgia Hospital Association

November 9 in Atlanta, Georgia

Meet healthcare and life sciences peers and learn cybersecurity best practices at this 8:30am-3pm workshop in Atlanta, Georgia. Hosted by Emory University, attendees will discuss the threat landscape, security awareness, incident response, and participate in a tabletop exercise.

https://h-isac.org/hisacevents/health-isac-american-hospital-association-cybersecurity-workshop-
hosted-by-emory-university/

COMMUNITY SERVICES VENDOR UPDATE

Newest Addition to Health-ISAC’s Community Services

Flare is the proactive digital footprint monitoring platform for mid-enterprise organizations. They scan the online world to discover unknown threats created by inadvertent employee behavior or malicious actors. Using these discoveries, Flare automatically prioritizes risks and delivers actionable intelligence that organizations can use instantly to improve security and reduce risk.

Try it for free – Each Health-ISAC member will be able to redeem 10 identifiers for 1 year, completely free (max of 3 Domain identifiers).

Learn more at https://h-isac.org/community-services/

WHITE PAPER

Health-ISAC Navigator whitepaper by Clearwater

Keeping Patient Data Secure in the Cloud.

Link: https://go.clearwatercompliance.com/wp-keeping-patient-data-secure-in-the-cloud

UPCOMING EVENTS

November 1: Health-ISAC Navigator webinar by Finite State – Navigating the Complexity of IoT Device Security

November 3: Health-ISAC Navigator web by Clearwater– Chasing a Cyber Attacker, What Healthcare Orgs Can Learn About Mitigating Risk

November 9: Health-ISAC Navigator web by Armis – Why HEALTHCARE Needs a Consolidated Security Strategy for Every Connected Asset

November 10: Health-ISAC Navigator web by Splunk – ATT&CK of the Sub-Techniques: Operationalizing MITRE ATT&CK for Healthcare

November 15: Navigator web by LuxSci – HIPAA-Compliant Martketing Best Practices

November 22: Navigator web by Cybellum – Making Sense of SBoMs and VEX for Healthcare and its Supply Chain

MONTHLY MEMBER EVENTS

1/29 – Member Threat Briefing
Last Tuesday of each month at 12pm ET

12/1 – ETC webinar at 12pm ET

Note: Due to the holidays, November/December ETC will be combined.

Top Health Related Cyber and Physical Events for November

Microsoft October 2022 Patch Tuesday Fixes Zero-Day Used in Attacks, 84 Flaws

Abuse of Legitimate Tools Threatens Healthcare Cybersecurity

A Quarter of Healthcare Ransomware Victims Forced to Halt Operations

Zoom for macOS Contains High-Risk Security Flaw

FBI Warns of Disinformation Threats Before 2022 Midterm Elections

US Government Warns of Daixin Team Targeting Health Organizations with Ransomware

Fortinet Urges Admins to Patch Bug with public Exploit Immediately

Increasing Interconnectedness Poses Healthcare Cybersecurity Risk

Hurricane Ian Shows that Coastal Hospitals Aren’t Ready for Climate Change

Healthcare Organizations to AG:Investigate Threats Over Children’s Transgender Care