Free internet-facing Vulnerability Scanning service from DHS CISA for H-ISAC members
During this critical time of our Nations’ Healthcare Sector, DHS Cybersecurity & Infrastructure Security Agency (CISA) has partnered with H-ISAC to make available a free, continuous vulnerability scanning service to assess the security of internet facing networks of any H-ISAC member organization interested in enrolling in the service.
CISA’s “Cyber Hygiene” is a Vulnerability Scanning service that helps secure internet-facing systems from weak configurations and known vulnerabilities, and encourages the adoption of modern security best practices. CISA will perform regular network and vulnerability scans and deliver a weekly report for action by the individual H-ISAC member organization.
The Cyber Hygiene service is highly automated and requires little direct interaction.
Here’s a summary of the process to get started:
- H-ISAC member sends enrollment request to CISA
- CISA will validate the request and send a scanning agreement to the H-ISAC member
- H-ISAC member completes scanning agreement and returns to CISA
- Automated scans will start within 72 hours
- H-ISAC member will begin receiving reports in 7 to 10 days (any critical findings will be delivered within one business day)
CISA will not share the scanning results without written and agreed consent from the H-ISAC member organization. CISA uses anonymized data to develop non-attributed reports for trending and analysis purposes.
For more information, please see the attached one page informational brochure.