National Council of ISACs Publishes Ransomware Best Practices and Mandatory Reporting
Health-ISAC would like to highlight two ISAC-collaborative papers
recently published by the National Council of ISACs (NCI.)
These are available in full on the NCI website here: https://www.nationalisacs.org/publications.
National Council of ISACs Statement of Ransomware
Ransomware is a threat that the National Council of ISACs (NCI) and its member ISACs have been monitoring for years. With the increasing number of incidents of Ransomware, it is more important than ever that all enterprises take appropriate measures to protect themselves. Recently there have been some successes on the part of law enforcement and financial regulators as evidenced by indictments and the seizure of some ransom payments. The NCI calls upon businesses to redouble their efforts at cyber hygiene and references key resources to assist in network defense and pre-attack preparation. Additionally, the NCI is reiterating the importance of law enforcement and regulators across the globe to work with industry to identify, disrupt, and impose consequences on ransomware operators.
No sector is immune to Ransomware attacks. Ransomware can impact organizations of any size in any sector. However, there are steps organizations can take to reduce their risk and recover from a successful attack.
For the recommended steps and a list of resources, please see the full paper on the NCI website here https://www.nationalisacs.org/publications.
NCI Principles on Mandatory Reporting
The National Council of ISACs has been facilitating cross sector information sharing since 2003. The NCI and our members are committed to continuing to improve sharing across the NCI Membership, within the individual members, and between industry and government. As policy makers consider implementing mandatory reporting requirements, the NCI believes that it is important policy makers consider the following:
-
Scoping
-
Cost and Benefit
-
Blame the Malicious Actors, Not the Victims
-
Leverage Existing ISACs to Ease Implementation
The above categories are covered in full and can be found on the NCI website here https://www.nationalisacs.org/publications.
- Related Resources & News
- How Health Systems Manage Security in the Cloud
- Change Healthcare Attack a Wake-up Call for the Industry
- Five High-Impact Cyberattacks Healthcare Industry Should Avoid in 2025
- Health-ISAC Hacking Healthcare 2-11-2025
- 4 healthcare tech trends to watch in 2025
- Top healthcare technology trends in 2025
- A Ransomware Attack Has Struck the New York Blood Center Amid Ongoing Shortages
- Healthcare Providers Warned About Vulnerability in SimpleHelp Remote Access Software
- Health-ISAC whitepaper highlights cybersecurity responsibilities in medical device lifecycle, focuses on resilience
- Health-ISAC Hacking Healthcare 2-3-2025