Free internet-facing Vulnerability Scanning service from DHS CISA for H-ISAC members
During this critical time of our Nations’ Healthcare Sector, DHS Cybersecurity & Infrastructure Security Agency (CISA) has partnered with H-ISAC to make available a free, continuous vulnerability scanning service to assess the security of internet facing networks of any H-ISAC member organization interested in enrolling in the service.
CISA’s “Cyber Hygiene” is a Vulnerability Scanning service that helps secure internet-facing systems from weak configurations and known vulnerabilities, and encourages the adoption of modern security best practices. CISA will perform regular network and vulnerability scans and deliver a weekly report for action by the individual H-ISAC member organization.
The Cyber Hygiene service is highly automated and requires little direct interaction.
Here’s a summary of the process to get started:
- H-ISAC member sends enrollment request to CISA
- CISA will validate the request and send a scanning agreement to the H-ISAC member
- H-ISAC member completes scanning agreement and returns to CISA
- Automated scans will start within 72 hours
- H-ISAC member will begin receiving reports in 7 to 10 days (any critical findings will be delivered within one business day)
CISA will not share the scanning results without written and agreed consent from the H-ISAC member organization. CISA uses anonymized data to develop non-attributed reports for trending and analysis purposes.
For more information, please see the attached one page informational brochure.
To enroll, send an email to NCATS_INFO@hq.dhs.gov and include a cc to contact@h-isac.org so H-ISAC can confirm you are an H-ISAC member. In your email to DHS, be sure to include you are a healthcare firm with active stakes in the COVID-19 response.
CyHy Vulnerability Scanning