H-ISAC Working Groups & Committees

 

WORKING GROUPS

All H-ISAC Members are welcome to participate in the H-ISAC Working Groups. If you are an H-ISAC Member and would like to form a Working Group, or would like additional information on the Working Groups listed below, please email us at contact@h-isac.org.

Cloud Security Working Group

This new working group strives to bring together stakeholders in the health care security arena to develop solutions, identify best practices and facilitate the exchange of information that will result in a more efficient and secure use of cloud services and related practices. Goals include:
– Share ideas, white papers and new ways of working with cloud providers
– Certifications, Checklist/Guidelines/Crosswalk for adoption or participation
– Focus on and update management and specific laws or regulations
– A Shared Services assessment for members to use for cloud adoption highlighting security gaps

Cyber Security Education and Awareness Working Group

The purpose of this new working group is to develop a mechanism whereby members can share ideas and tangible assets that can be leveraged to support the cyber security education and awareness programs of our H-ISAC member community.

eDiscovery Working Group

The mission of the Electronic Information Discovery and Litigation Security Group is to identify emerging risks in litigation processes, including eDiscovery collections, processing and production/sharing. Other risks regarding information governance and security in litigation support functions stem from the expanse of electronic healthcare record-keeping, including patient health records.

Medical Device Security Information Sharing Council (MDSISC)

The Health Information Sharing and Analysis Center (H-ISAC) established the Medical Device Security Information Sharing Council (MDSISC) on October 1, 2015. The mission of the MDSISC is to bring together stakeholders in the medical device security arena to develop solutions, identify best practices and facilitate the exchange of information that will result in a more efficient and secure use of medical devices and related practices. Membership is open to medical device manufacturers and stakeholders of the medical device security community that conduct their activities consistent with H-ISAC’s Operating Rules including Non-Disclosure Agreement, health industry regulations and best practices, and the highest ethical standards.

IS Incident Response Working Group

This group will share experiences, tactics, wins, and challenges to evolve our collective incident response capabilities and develop robust, sustainable programs in order to minimize damage from incidents and improve information security practices in our industry. Goals include producing a white paper in 2018; sharing best practices across incident detection, response, and analysis disciplines; exploring opportunities for sharing cyber war game and test incident response scenarios; and improving the efficiency and effectiveness of detect and respond operations by producing measurable, usable outcomes from this working group that members and future members can consume to leapfrog their incident response practices.

IS Risk Management Working Group

The focus of this group will be to share experiences, tactics, wins, and challenges to evolve our collective capabilities and enable the focus of our organizations. Goals include: Share best practices across risk management methods, services, and outcomes; Reduce the impact of threats from adversaries by better understanding the risks that can or will affect us (protecting information and reputation of the sector); Improve efficiency and effectiveness of security risk management operations; Explore opportunities for sharing risk tactics or actual risks so that we can build a collective risk/threat landscape; Learn from each other’s accomplishments and challenges; Surface innovative ways to progress the risk management discipline; Define collective best practices for our ISAC; Build partnerships in industry; and Produce measurable, usable outcomes from this working group that members and future members can consume to leapfrog their IS risk management practices.

Provider Special Interest Working Group

The purpose of this work group is to find innovative ways to improve cybersecurity while not impeding patient care, to lower the risk to the organization that may be vulnerable to attacks by former employees, contractors, or potential hackers who look to compromise critical systems and steal health records. The goals of the Provider Working Group are to share ideas and generate white papers as well as new solutions to address the new technology within the provider community. Focus areas include: Establish (or adopt) a minimum standard for cybersecurity, Establish standards for telehealth technology, Assist with supporting the smaller provider organizations, Increase the share of methods for cybersecurity and data protection, Develop patient/employee friendly cybersecurity approaches, and Assist with training and awareness campaigns.

Payer Special Interest Working Group

The purpose of the Payer Special Interest Council is to connect large and small insurance carriers to collaborate and share risk-based cybersecurity and anti-fraud strategies while reducing control impact to the business. We will discuss control frameworks, vendor tools, templates, and other non-proprietary information that can help combat and prevent cyber and fraud risks. Goals include: Development of white papers on cybersecurity approaches and best practices/awareness training, Share/exchange tactics and broad strategies that make material differences in the involved payer organizations, and Assist with supporting smaller payer organizations. Focus areas include: Differentiating and addressing Payer vs. Provider cyber/fraud risk, Risk-based strategic and tactical safeguards/frameworks/programs, Control implementation and impacts to the business, Anti-Fraud mitigation strategies – Special Investigation Units (SIU), Tools and vendor feedback, Regulatory items (HIPAA, PCI, etc.), and Current threats/vulnerabilities.

Pharma and Supply Working Group

This group is finding innovative ways to detect cyber security risks to the delivery of medical care supplies and lower the risk to the organization that may be vulnerable to attacks by former employees, contractors, or potential hackers who look to compromise critical systems and steal health records. The group shares ideas and cyber threat information, and will generate white papers as well as new solutions to address the sharing of indicators of compromise (IOC) or indicators of attack (IOA), as well as information about the threat actors that could negatively affect technology within the pharma and supply community. Goals include: Establish (or adopt) a minimum standard for sharing of cyber security threat information within our vertical of healthcare, Assist with supporting the smaller pharma and supply organizations with shared knowledge, Increase the type of information sharing methods for cyber threat information sharing, Develop easier ways to share the threat intelligence we collectively gather, and Assist with training and threat intelligence sharing campaigns.

Third Party Risk Governance (TPRG) Working Group

This working group aims to evolve our collective capabilities and enable the focus of our organizations in implementing a best-in-class third party risk management program by following these objectives:
– Share and learn best practices to mitigate risks posed by third parties
– Improve efficiency and effectiveness of third party risk management operating components
– Enhance understanding of a third party’s information security program maturity through shared experiences
– Explore opportunities of sharing risk tactics or risk areas so that we can build a collective risk/threat landscape

  

JOINT WORKING GROUPS

H-ISAC Joint Working Groups serve the same function as its Working Groups; however, Joint Working Groups leverage non-member participation as well in order to accomplish their objectives.

Cyber Security Analytics Joint Working Group

This Joint Working Group is comprised of public/private healthcare industry information security leaders, FS-ISAC members, and some vendors. The group is committed to the development of advanced threat detection methods. This effort represents a crowdsourced approach to cybersecurity analytics within the healthcare industry, providing improved security at a lower cost. Leveraging MITRE’s Adversary Tactics, Techniques & Common Knowledge (ATT&CK) framework, each member organization conducts independent research on specific cybersecurity threat tactics. They meet regularly to share research results, refine the common analytic sharing model, and promote continuous improvement by the member community.

COMMITTEES

H-ISAC Committees support official programs of the H-ISAC. The Committees help serve a governance function and bring member input into the shaping of H-ISAC products and services. Since Committees serve a specific program function, Committee membership is not open. Any member who is interested in serving on a Committee may send an email to contact@h-isac.org to find out the process for membership and whether the Committee has an opening.

Products & Services Committee

The Products and Services Committee (P&S) is responsible for assisting with the selection and governance of member-focused products and services. Committee members utilize their experiences and expertise to contribute to the identification, evaluation, and ideation of solutions that would benefit the entire membership.

Membership Committee

The Membership Committee is responsible for reviewing the make-up of the membership and determining which health sector segments should or should not be represented.

Threat Intelligence Committee

The Threat Intelligence Committee (TIC) is responsible for looking at the cyber threat landscape for the health and public health (HPH) sector and developing strategic direction for the ISAC community to anticipate and prepare for threats. The TIC helps facilitate the planning, coordination, collection, trending, processing and analysis, production of white papers and other materials and dissemination of primarily cyber threat intelligence for the HPH sector through engagement with internal and external stakeholders. The H-ISAC Threat Intelligence Committee is a closed working group.

Groups Currently in Development:

ID – Authentication Committee

 
