H-ISAC Newsletter – August 2019 – TLP White
H-ISAC Summit Update
European Summit
Zurich, Switzerland
October 16-17, 2019
Agenda topics include —
-IT Risk Management and Security Strategy to support
Digital Transformation
-Who Manages the Unmanageable in a Healthcare
Delivery Organization?
-User Awareness Training/Collaboration
Presentations are due August 9
If you would like to use the H-ISC template, please send an email to contact@h-isac.org.
Register here:
https://h-isac.org/summits/european_summit/
“Up Your Game” Fall Summit
San Diego, USA
December 2-6, 2019
New This Summit —
A Threat Intelligence track has been added, along with the popular Medical Device and Technical tracks. Plan to visit the Escape Room geared toward information sharing training and awareness. De-stress before general session with some healthcare-centric “engineering” comedy.
Registration is Open — Save & Win
Early Bird Registration is just USD 300.
There is still time to enter to win a prize
to for the first 50 registered.
Register here and Let the Games Begin!
https://h-isac.org/summits/european_summit/
H-ISAC “Hobby” Exercises –
A call for member engagement
The Health Sector Hobby Exercises are named after Overta Culp Hobby – the
first Secretary of Health, Education and Welfare in the United States. In
keeping with her pioneering excellence in healthcare, the H-ISAC will plan and execute a series of cybersecurity related exercises. The exercises are intended
to engage a cross-section of top-level public and private sector leaders.
The first exercise will commence in February, 2020 in Washington, DC. At
present, H-ISAC is recruiting member organizations for both planning and
exercise play. Seats are limited as we strive for diverse sub-sector
participation. To be a part of this important activity reach out to:
contact@h-isac.org
Exercise Opportunity: Crimson Contagion 2019
This August 13th – 16th, HHS will be holding a Functional Exercise entitled Crimson Contagion 2019 (Crimson Contagion ’19). The exercise will provide an opportunity to test and evaluate current plans, policies, and procedures as well as core capabilities for biological incident response and recovery, as required by law. Health-ISAC will be participating in
all aspects of Private Sector Play. For more information and to register, go to the fact sheet.
Link – Crimson Contagion Fact Sheet: https://bit.ly/2OqEh6J
Top 10
Health Related Cyber Events
for August:
Phishing Attack on California Vendor Breaches Data of 14,500 Patients
Essentia Health Notifies Of Data Breach At Vendor
Notifications Underway After Contractor Data Breach Exposes DHS Patient Data
Mercyhealth Experiences Data Breach
Summa Health, Alive Hospice Report Data Breaches from Email Hacks
Essentia Health alerts 1,000 patients of data breach
Penobscot Community Health Center notifying 13,000 patients about collection agency breach
Maine health care provider warns of possible data breach
Phishing Attack on Wise Health Impacts Data of 36,000 Patients
5 million personal records belonging to MedicareSupplement.com exposed to public
Healthcare Sector Update
Council issues guide to recruiting skilled health care cybersecurity talent
The Healthcare Sector Coordinating Council, a public-private partnership of health care companies and providers developing
collaborative solutions to mitigate threats to critical health care infrastructure, last week released a guide to help health care
organizations attract and retain skilled cybersecurity talent.
The guide offers resources to help hiring managers and chief
information security officers think about cyber workforce development as a continuum, among other strategies.
To get a copy of the guide, go to https://bit.ly/2OqEh6J .
H-ISAC Partners with
Healthcare Innovation to Form
New Cyber Forums
Limited Complimentary Passes Are Available
H-ISAC is co-organizing the forums with Healthcare
Innovation. The forums will coincide with the Healthcare
Innovation Summit Series.
Los Angeles — September 20, 2019 
Boston — October 4, 2019
Seattle — November 20. 2019
To view the agendas, speakers, and register visit:
https://endeavor.swoogo.com/2019-California-
The Payer Special Interest Council connects large and small insurance carriers to collaborate and share risk-based cybersecurity and anti-fraud strategies while reducing control impact to the business.
This group meets virtually on the second Tuesday of the month at 1:00PM. Members who would like to join or learn more about this group, please email contact@h-isac.org. Learn more at
https://h-isac.org/committees-working-groups/
SHARED SERVICES — WEBINAR
Pfizer Case Study Webinar recording
Hear an expert from Pfizer explain how they evolved Third-Party Risk Management (TPRM) from a tactical, spreadsheet-centric process to a strategic, highly automated and scalable program.
Link to on demand recording: https://www.prevalent.net/resources/pfizer-case-study-how-to-get-third-party-risk-management-right
Connect with H-ISAC Around the Globe!
Las Vegas, USA—August 8:
H-ISAC Member Meet-Up at Black Hat USA 2019
Switzerland—October 16-17:
H-ISAC European Summit
Japan—October 24:
H-ISAC Workshop
California, USA—December 3-5:
H-ISAC Fall Summit
Florida, USA—May 11-13:
2020 H-ISAC Spring Summit
Arizona, USA—Nov 30—Dec 4:
2020 H-ISAC Fall Summit
H-ISAC Medical Device Security Workshop
Minnesota, USA. Hosted by Abbott Labs
Tuesday, September 17
Workshop topics include:
– CBoM / SBoM
– Threat Modeling
– Premarket Guidance
Agenda is still being finalized. If you would like to submit
a topic of interest, please email contact@h-isac.org
H-ISAC is pleased to publish a monthly member newsletter. It is designed to bring events and other important ISAC information to your attention. If there is something you would like to see included please email: contact@h-isac.org