Health ISAC Unveils “All About Authentication:
A Health-ISAC Guide for CISOs”

Third paper in Health-ISAC series to help CISOs develop an identity-centric approach to cybersecurity


ORMOND BEACH, FL, March 1, 2021 – The Health Information Sharing and Analysis Center (Health-ISAC), the global non-profit that provides the health sector with a trusted community for sharing cyber and physical security threats, today released a free guide intended to help Chief Information Security Officers (CISOs) understand and implement a modern approach to authentication.

It’s an anomaly these days when a major breach happens and compromised authentication systems don’t play a role. “All About Authentication: A Health-ISAC Guide for CISOs” provides practical guidance to help CISOs select and implement modern authentication solutions that are both more secure and also easier for people to deploy and use.

“Multi Factor Authentication (MFA) is critical to stopping attacks — but as we detail in this paper, not all MFA is the same, and attackers are already exploiting some first-generation MFA tools,” said Denise Anderson, President and CEO of Health-ISAC. “CISO’s will find the in-depth publication is a valuable tool that will help them stay ahead of the curve.”

“All About Authentication: A Health-ISAC Guide for CISOs” details how different types of authentication work, how to evaluate the differences between solutions, and what industry best practices and standards are available. The white paper provides two case studies from healthcare organizations that recently transitioned to modern authentication solutions. Both examples provide insight into how to translate the ideas outlined in this paper into the real world.

The authentication guide represents the third paper in the Health-ISAC series designed to introduce CISOs to an identity-centric approach to cybersecurity. By providing an explanation of key concepts, outlining a framework and best practices, investigating the various solutions, and highlighting aspects of an effective implementation, Health-ISAC is creating a holistic guide to assist CISOs in the health sector on how best to approach Identity and Access Management (IAM) and its role in managing cybersecurity risk.

The paper can be downloaded at the Health-ISAC website:


Health-ISAC is a trusted community of critical infrastructure owners and operators within the global Healthcare and Public Health sector (HPH). The community is primarily focused on sharing timely, actionable and relevant information with each other including intelligence on threats, incidents and vulnerabilities and best practices, mitigation strategies and more. Sharing occurs both machine-to-machine and person-to-person. H-ISAC also fosters the building of relationships and networking through worldwide educational events and whitepapers. Working groups and committees focus on topics of importance to the sector and member-vetted shared services offer enhanced services to leverage the H-ISAC community for the benefit of all.

Translate »