H-ISAC TLP White Announcement Joint Release of Health Industry Cybersecurity Practices (HICP) 2023 and Supplements

On April 17, 2023, the Healthcare and Public Health Sector Coordinating Council (HSCC) and the U.S. Department of Health and Human Services (HHS) issued a joint release titled Health Industry Cybersecurity Practices (HICP) 2023.  The release is an update to the flagship 2019 publication.

Please find the PDF version of the 2023 HICP attached for easy access. The 2023 HICP, along with additional details and resources, are available here: https://405d.hhs.gov 

In addition to the 2023 HICP, please find attached Hospital Resiliency Landscape Analysis which assesses the adversarial methods threat actors are leveraging to gain access to hospital systems and compares that benchmark to current hospital cybersecurity protections.  

The Hospital Resiliency Landscape Analysis publication is the result of the leadership and collaboration of Health-ISAC, the HPH Joint Cybersecurity Working Group, the Health Sector Coordinating Council (HSCC), and the 405(d) Steering Committee, and the 405(d) Task Group. 

Lastly, please review the Knowledge on Demand cybersecurity education platform that includes multiple delivery methodologies to reach various-sized healthcare facilities. The platform includes five cybersecurity training courses that align with the top five cybersecurity threats outlined in the HICP. View the detailed report below.