Health-ISAC

(TOMORROW & WEDNESDAY) Join Health-ISAC, Google Cloud Security, Quadrant Information Security, Cerby, and Venable LLP for this month's Monthly Threat Briefings for Members. The one-hour session will consist of the following topics plus audience questions. Join the most convenient session: - Tuesday, July 30 at 12 PM ET  - Wednesday, July 31 at 3 PM CET (9:00 AM EST) AGENDA: Introduction & Welcome: Errol Weiss Trending Impacts on Healthcare: Antonela Ramljak New & Emerging Threats: HUNTERS Ransomware, Josh Stern Cybercrime: MOVEit is still a problem, notable for Healthcare, Kevin McAree Emerging AI Threats to Legacy Healthcare Systems, Matthew Chiodi Physical Security: Viral Outbreaks, Taylor Porter – Health-ISAC Legal & Regulatory: U.S. Supreme Court Decision’s Federal Regulatory Impact, Timothy McGiff Significant Global Dates: Gabriel Saavedra https://lnkd.in/edi5fDhE

The deluge of cyberattacks on healthcare organizations continues to happen daily. If that wasn’t bad enough, entities in the healthcare supply chain are also being targeted and becoming potential attack vectors towards the healthcare organizations. Not much light has been shed on this weak point — it is even considered a “critical blind spot” in healthcare cybersecurity, says Errol Weiss, chief security officer at Health-ISAC. https://lnkd.in/emFaWJpi “When I think about the current environment, these system disruptions and data breaches are really the digital weapons of choice for today’s cyber criminals and nation states to achieve their goals,” says Weiss.

Strategies for a Stronger Healthcare SMB: A 2024 Threat Report webinar by OpenText on Thursday, August 22nd at 12 pm et. https://lnkd.in/eru_X2eH What You’ll Learn: - Understand the current cybersecurity threats facing SMBs and the latest trends in malware, ransomware, and phishing attacks. - Learn about the impact of generative AI on the sophistication of email threats and the strategies used by cybercriminals. - Discover effective multi-layered defense strategies that can significantly reduce the risk of malware infections. - Get up to date with actionable cybersecurity recommendations tailored for SMBs In the rapidly evolving landscape of healthcare cybersecurity, small- and medium-sized healthcare providers encounter increasingly sophisticated and widespread cyber threats. These challenges highlight the critical need to safeguard digital assets and patient data. Join Tyler Moffitt in this webinar to explore key findings from the 2024 OpenText threat perspective: Strategies for a stronger SMB, a comprehensive analysis of the current cybersecurity environment. Drawing on threat intelligence data collected from over 15 million endpoints, we’ll dive into the evolving nature of malware infections, the impact of generative AI on threats, and the rise in software supply chain attacks. Listen to learn how to fortify your cybersecurity strategy and protect patient information effectively. #cybersecurity #threatawareness #ransomware

From Health-ISAC's Daily Cyber Headline: https://lnkd.in/eQ7yKhyb Three U.S. senators introduce the Healthcare Cybersecurity Act of 2024 to address #cyberattacks in healthcare. The bill aims to improve preparation and training in response to threats like ransomware attacks on healthcare organizations. It will facilitate collaboration between CISA and HHS to provide resources and support non-federal entities in defending against cyber threats. The Healthcare Cybersecurity Act is crucial in protecting patient safety and #healthcare infrastructure. 

Each merger and acquisition is unique. It is helpful to break the process into three phases: Pre-Acquisition, Post Acquisition, and Integration. Health-ISAC's VP of Medical Device Security, Phil Englert, offers insight on   Building Resilience During Mergers and Acquisitions in this TechNation blog. https://lnkd.in/gA776q6x #mergers #hospitals #healthsystems

Interested in biomedical engineering technology? Health-ISAC's VP of Medical Device Security, Phil Englert, will present a Medical Device Cybersecurity Program with the COLORADO ASSOCIATION OF BIOMEDICAL EQUIPMENT TECHNICIANS (CABMET) at the CABMET 2024 Symposium in Denver. It is the opening session on August 1st at 8:00 AM, immediately following breakfast. https://lnkd.in/eYZkxY9V #htm #healthtech #biomedicalengineering

This Health-ISAC white paper provides insights into the current state and future of supply chain risk management and offers CISOs questions to inform how their cybersecurity teams can best identify and mitigate risks in their environments. https://lnkd.in/e4KX9zt8 A Product of the Health-ISAC University of Central Florida Internship Program, spearheaded By: Taylor Porter, Gabriel Saavedra #supplychain #riskmanagement #healthcaresecurity  

From Health-ISAC's Daily Cyber Headline: https://lnkd.in/e68RBJff Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert that a vulnerability found in GeoServer is being actively exploited. The vulnerability is being tracked as CVE-2024-3601, a remote code execution vulnerability. Health-ISAC Members are recommended to update systems as they are released to patch any known vulnerabilities. The tool is an open-source software, which highlights the risk of using open-source software as attackers can easily exploit vulnerabilities found within it. 

This is a good overview of last Friday's events and a well-earned recognition of the benefits of Information Sharing and Analysis Centers (ISACs) and their ability to collaborate quickly and share mitigation for critical sector resilience.  The connected membership community received early access to understand what was happening and obtained insight into real solutions to get back on track. https://lnkd.in/g3NDMnj4 #informationsharing #criticalinfrastructure #operationalresilience

Cybersecurity personnel may also be hard for hospitals to find, said Errol Weiss, chief security officer at the Health Information Sharing and Analysis Center, or Health-ISAC. Cybersecurity professionals are in short supply across the globe, and health systems are competing with other sectors for talent, including ones that might be able to pay workers more. “We’re not training enough people, we’re not graduating enough people through college courses in cybersecurity,” Weiss said. “And the number of jobs that we need them in is ever increasing.”  https://lnkd.in/e3wPwKAp #cybersecurityjobs #hospital #healthit