Health-ISAC Monthly Newsletter – January 2023

Text version:

Connecting to Meet the Challenge – An Overview of 2022

2022 had many challenges starting with Russia invading Ukraine and the cyber and physical threats leading up to and after the war started. We saw many ransomware attacks on hospitals and partner organizations all over the globe as well as attacks on critical infrastructure outside of healthcare such as electric substations and airport website defacements in the US, the rail infrastructure in Germany and city and country government systems in Belgium and Costa Rica to name a few.

We’ve also seen a rise in physical threats to healthcare environments with increasing violence and rhetoric around political issues, several large active shooter incidents at hospitals, geopolitical tensions, and natural incidents like heatwaves and hurricanes.

At Health ISAC, the community continued its successful efforts to gather facts, analyze impacts and share best practices and mitigation strategies. We added over 135 new member organizations to the sharing community bringing the number of connected security professionals around the world to more than 7,400. We enhanced our medical device security expertise with the addition of Phil Englert to our team in July.

In 2022 the Health ISAC Threat Operations Center (TOC) augmented Monthly Member Threat Briefings with 158 Finished Intelligence Reports, over 255 Targeted Alerts, over 1,100 TLP AMBER alerts, 8 TOC Spotlight threat and vulnerability webinars, and distributed over 17,700 high fidelity indicators of compromise. Members had almost 200 conversations around best practices and Health-ISAC staff members spoke at over 50 events worldwide and were quoted numerous times in the press.

We connected Members to each other through both customized and table-top exercises, the Hobby Exercise, workshops, and over 30 webinars. Approximately 1,300 people from 42 countries attended our global in-person Summits, which featured almost 90 member presentations. We added five new communities to our active Health-ISAC committees and working groups, and we published our first Annual Current and Evolving Cyber Threat Landscape Report as well as our Health-ISAC Annual Report. We also conducted our first Annual Member Survey, which realized a Net Promoter Score (NPS) of 77.

We continue to position and strengthen the ISAC to allow for even more capabilities in the future with more staff, services, expertise, and technology, such as initiating a CTI Analyst training program at our Americas Summits, conducting a European version of the Hobby Exercise, launching a brand refresh, and implementing a new back-end system that will provide members with self-service tools.

I’m looking forward to working with the community to meet whatever challenges 2023 will bring!

— Denise Anderson, Health-ISAC President and CEO