November Highlights:
~ Successful European Summit in Portugal: photos and highlights with dates for 2023 in Croatia
~ Fall Americas Summit Final Checklist
~ 11/9 Healthcare Cybersecurity Workshop Co-hosted by Health-ISAC / American Hospital Association / and Georgia Hospital Association
~ Newest Addition to Health-ISAC’s Community Services: Flare
~ Health-ISAC Navigator whitepaper by Clearwater: Keeping Patient Data Secure in the Cloud.
~Upcoming Events and Top 10 Cybersecurity headlines
Pdf version:
2022 November
Text version:
Third European Summit – A Huge Success!
Aligning with traditional Portuguese fishing culture, Casting the Security Net indeed served as a tool to gather the European healthcare security community. As Denise Anderson, Health-ISAC President and CEO described in the Summit’s opening dialogue, the word
“net” has several meanings: to create a barrier to keep threats out, to capture or trap
threats, to protect like a safety net, and to connect, as in networking. And networking abounded in Algarve! Attendees are still buzzing about how great the networking was and how the content was so relevant to their work.
One summit attendee commented that “the majority – if not all – of the presentations had meaningful content to me,” and rated as Excellent the “level and spirit of networking.”
A fishing net is an ideal image to hold going forward – protection, safety, capture,
abundance, gathered resources, and best outcomes. Inspired by the words of the
Summit’s CISO Panel, let’s “keep the spirit of collaboration alive” throughout the entire Health-ISAC community.
The European Council announced the NEW Securitas Award, named after the Roman Goddess Securitas.
Securitas is a protective Goddess who watches over not only individuals in need but also entire empires. The recipient of this award at the next European Summit will similarly have contributed to the protection of Health-ISAC’s European community. We encourage
members to share information, collaborate and strive to become our FIRST Securitas Award recipient in 2023!
Save the date for next year’s European Summit in Dubrovnik, Croatia!: October 17-19
Fall Americas Summit
Route to Security Checklist
View the Agenda here: https://h-isac.org/summits/2022-fall-americas-summit/
Step 1 – Register. Mark your trip on the map; registration closes November 28
Step 2 – Book your hotel. No need to sleep in the car – Hotel group rate is available until November 11 or until the room block is sold out (and it is getting close)
Step 3 – Book your travel. Arrive at the starting line Monday to be ready for Working Groups and Member Round Tables bright and early Tuesday morning.
Go home Friday feeling refreshed, inspired, fully connected – and with a full tank!
REGIONAL WORKSHOPS
HEALTHCARE CYBERSECURITY WORKSHOP
Co-hosted by Health-ISAC / American Hospital Association / and Georgia Hospital Association
November 9 in Atlanta, Georgia
Meet healthcare and life sciences peers and learn cybersecurity best practices at this 8:30am-3pm workshop in Atlanta, Georgia. Hosted by Emory University, attendees will discuss the threat landscape, security awareness, incident response, and participate in a tabletop exercise.
https://h-isac.org/hisacevents/health-isac-american-hospital-association-cybersecurity-workshop-
hosted-by-emory-university/
COMMUNITY SERVICES VENDOR UPDATE
Newest Addition to Health-ISAC’s Community Services
Flare is the proactive digital footprint monitoring platform for mid-enterprise organizations. They scan the online world to discover unknown threats created by inadvertent employee behavior or malicious actors. Using these discoveries, Flare automatically prioritizes risks and delivers actionable intelligence that organizations can use instantly to improve security and reduce risk.
Try it for free – Each Health-ISAC member will be able to redeem 10 identifiers for 1 year, completely free (max of 3 Domain identifiers).
Learn more at https://h-isac.org/community-services/
WHITE PAPER
Health-ISAC Navigator whitepaper by Clearwater
Keeping Patient Data Secure in the Cloud.
Link: https://go.clearwatercompliance.com/wp-keeping-patient-data-secure-in-the-cloud
UPCOMING EVENTS
November 1: Health-ISAC Navigator webinar by Finite State – Navigating the Complexity of IoT Device Security
November 3: Health-ISAC Navigator web by Clearwater– Chasing a Cyber Attacker, What Healthcare Orgs Can Learn About Mitigating Risk
November 9: Health-ISAC Navigator web by Armis – Why HEALTHCARE Needs a Consolidated Security Strategy for Every Connected Asset
November 10: Health-ISAC Navigator web by Splunk – ATT&CK of the Sub-Techniques: Operationalizing MITRE ATT&CK for Healthcare
November 15: Navigator web by LuxSci – HIPAA-Compliant Martketing Best Practices
November 22: Navigator web by Cybellum – Making Sense of SBoMs and VEX for Healthcare and its Supply Chain
MONTHLY MEMBER EVENTS
1/29 – Member Threat Briefing
Last Tuesday of each month at 12pm ET
12/1 – ETC webinar at 12pm ET
Note: Due to the holidays, November/December ETC will be combined.
Top Health Related Cyber and Physical Events for November
Microsoft October 2022 Patch Tuesday Fixes Zero-Day Used in Attacks, 84 Flaws
Abuse of Legitimate Tools Threatens Healthcare Cybersecurity
A Quarter of Healthcare Ransomware Victims Forced to Halt Operations
Zoom for macOS Contains High-Risk Security Flaw
FBI Warns of Disinformation Threats Before 2022 Midterm Elections
US Government Warns of Daixin Team Targeting Health Organizations with Ransomware
Fortinet Urges Admins to Patch Bug with public Exploit Immediately
Increasing Interconnectedness Poses Healthcare Cybersecurity Risk
Hurricane Ian Shows that Coastal Hospitals Aren’t Ready for Climate Change
Healthcare Organizations to AG:Investigate Threats Over Children’s Transgender Care