Quantitative Risk Management in Healthcare Cybersecurity
TLP:WHITE
Please see the below the weekly threat brief from the HHS Health Sector Cybersecurity Coordination Center (HC3). This week’s briefing is on Quantitative Risk Management in Healthcare Cybersecurity and covers the following topics:
- Risk Management
- Risk Frameworks
- Qualitative Vs. Quantitative Risk Management
- Quantitative Approach Over Qualitative Measures
- Traditional Risk Management and the Way Forward
- Cyber Risk
- Data Needed for Quantitative Risk Management
- Examples of Quantitative Approaches
- Key Risk Indicators (KRIs)
- Some Metrics Used in Quantitative Risk Management
- Small Healthcare Organization Usage
- Case Study: Mayo Clinic Supply Chain Risk Management
- Data Breaches from 2019 Verizon Data Breach Investigation Report
- Legislation, Regulations and Standards
- Related Resources & News
- Healthcare Heartbeat 2024 Q4
- Health-ISAC Hacking Healthcare 2-19-2025
- Podcast: Reflecting on the Change Healthcare cyberattack
- Senate Confirms Trump Pick RFK Jr. to Lead HHS
- The Alarming Backdoor Hiding in 2 Chinese Patient Monitors
- Health-ISAC 2025 Health Sector Cyber Threat Landscape
- How Health Systems Manage Security in the Cloud
- Change Healthcare Attack a Wake-up Call for the Industry
- Five High-Impact Cyberattacks Healthcare Industry Should Avoid in 2025
- Health-ISAC Hacking Healthcare 2-11-2025