December’s Newsletter features:
- Health-ISAC’s 2022 Fall Americas Summit – Reminders;
- Health-ISAC’s 2023 Summits – Save the Dates;
- Health-ISAC’s Threat Operations Center — Working through a Hurricane;
- Podcast– AEI panel discussion with Health-ISAC’s Director of Medical Device Security, Phil Englert;
- New Education Committee — Seeking Members;
- New Member Tool in 2023– SLACK;
- European Workshop — January 12 in Prague, Czech Republic;
- Upcoming Events — Conferences and Webinars.
Pdf version:2022 December
Member Satisfaction Survey
The results are in and Health-ISAC has a Net Promoter Score (NPS) of 77, which is considered excellent. For reference, Amazon’s NPS is 62; and Starbucks’ NPS is 77. The First Annual Health-ISAC Member Satisfaction Survey, which was conducted from April 25 – May 13, 2022 revealed Health-ISAC Membership recognizes a very high level of value over the entire range of Health-ISAC offerings with an average “total value” score of 76% out of 100%.
View Survey Results Here: https://h-isac.org/2022-health-isac-member-satisfaction-survey-results/
Fall Americas Route to Security Summit
Tires checked, tank full, bags packed; off we go!
In-person sessions start on Tuesday, December 6th with working group and committee meetings, followed by the Member Meeting and then the ever popular small group Member Round Table discussions featuring topics from insider threats to vulnerability disclosure experiences.
Use the app to stay up to date with the Summit. Search the App Store for “Health-ISAC Summits.” All attendees, both in person and virtual, will have access to recorded sessions through the end of January. Let’s hit the road!
Looking ahead to 2023
Here are some dates to save for next year’s not-to-miss global Summits.
More information on the Summits below can be found here: https://h-isac.org/events/#UpcomingSummits
APAC Summit – 21-23 March 2023 in Singapore
The APAC Summit agenda is being planned and potential speakers should submit a topic. Call for papers closes soon.
Spring Americas Summit – May 8-12 in Palm Harbor, Florida
Agenda topics are currently being accepted for the Spring Americas Summit.
European Summit – 17-19 October in Dubrovnik, Croatia
Save the date!
Fall Americas Summit – November 27 – December 1 in San Antonia, Texas
Save the date!
THREAT OPERATIONS CENTER
Health-ISAC’s Threat Operations Center Staff Prove Resilient During Hurricane Ian
While Hurricane Ian was cutting across central Florida on September 29, Mandiant released a blog post at 9 am ET alerting the world they had found a vulnerability in VMWare that was actively being exploited by sophisticated threat actors. Health-ISAC held a Spotlight Webinar that afternoon with guests from Mandiant and Health-ISAC’s Threat Intelligence Committee (TIC) to discuss the VMWare vulnerability, observations of active exploitations, and recommendations to mitigate the issue. Nearly 200 Health-ISAC members attended the live session.
Health-ISAC staff were literally in the hurricane while the session was being broadcast and had contingency plans in place in case anyone lost power and/or internet services during the presentation. Fortunately, the session went off without a hitch and despite unfortunate devastation in the Fort Myers area, our staff fared well from the storm.
AEI panel discussion with Health-ISAC’s Director of Medical Device Security, Phil Englert.
IOT SECURITY STANDARDS: WHERE SHOULD THE SECURITY LIE IN OUR NETWORKS?
Link: https://h-isac.org/iotsecurity-standards-where-s hould-the-security-lie-in-ournetworks/
WORKSHOP IN CZECH REPUBLIC
Join Health-ISAC and other stakeholders in the healthcare cybersecurity community to share, network, and learn.
Topics will cover: Threat Landscape Security Awareness Operational Technology NIS2 Directive Incident Response Information Sharing
Link to register: https://h-isac.org/hisacevents/health-isac-healthcare-cybersecurity-workshop-hosted-by-msd/
NEW EDUCATION COMMITTEE
Calling All Cybersecurity Educators and Trainers
We need your unique point of view to help shape Health-ISAC’s educational offerings for the future. Your thoughts and expertise will help on a broad range of topics: Leadership / Workforce Development, Healthcare Specific Cybersecurity College Courses, Certification, Micro-Credentialing, Mentorship, Internships, and all other related types of Educational pursuits.
Cybersecurity Education/Training Professionals interested in helping, please apply for a position on the Education Committee, simply email firstname.lastname@example.org for a follow-up discussion.
[Note: This committee is different from Health-ISAC’s Cybersecurity Awareness and Training Working Group.]
Link to All Events https://h-isac.org/events/
December 13: Health-ISAC Navigator webinar
– How to Use Zero Trust to Improve Your Healthcare Organization’s Cybersecurity Posture – by Process Unity
December 20: Member Threat Briefing
Top Health Related Cyber and Physical Events for December
Ransomware on Healthcare Organizations Cost Global Economy $92 Billion
Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign
New Healthcare Privacy Challenges As Online Data Tracking, Sharing Methods Evolve
War Wake-up Call Spurs EU to Boost Cyber, Army Mobility
Advanced Threat Predictions for 2023
Aveanna Healthcare Data Breach Could Cost Firm More than $1M Extortion fears After Hacker Stole Patient Files From Dutch Mental Health ClinicsHHS to Partner with Health Systems on National Patient Safety Alliance