H-ISAC TLP White Hacking Healthcare - July 6, 2021

This edition of Hacking Healthcare begins by evaluating the National Institute of Standards and Technology’s (NIST) definition of “critical software” and what that definition might mean for healthcare within the context of the cybersecurity executive order. Next, we take a look at a new US Cybersecurity & Infrastructure Security Agency (CISA) initiative for improving cybersecurity, and we assess whether focusing on bad practices is likely to make a noticeable difference. Lastly, we provide a brief update on how the Biden administration is considering tackling the scourge of ransomware, including some thoughts on offensive action, incident reporting, and the feasibility of banning of ransom payments. Welcome back to Hacking Healthcare.

In this edition:

  • NIST Defines “Critical Software
  • CISA to Focus On Bad Practices
  • Ransomware Continues to Confound US Policy Responses

View the entire report below. 

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

Senior Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272

More on John Riggi
Learn more about AHA's Cybersecurity and Risk Advisory Services

Key Resources

Related Resources

Letter/Comment
AHA Responds to CISA Proposed Rule on Cyber Incident Reporting Requirements
Public
Advisory
HHS Issues Alert on Critical Vulnerability in ‘MOVEit,’ File Transfer Platform Used by Health Care Sector
Public
Special Bulletin
AHA Helps Secure New Cybersecurity Resources from Microsoft and Google to Assist Rural Hospitals
Public
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part Two
Public
Special Bulletin
HHS Authorizes UnitedHealth Group to Make Breach Notifications on Behalf of Providers
Member
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part One
Public