Health care providers have worked diligently to mitigate breaches
in patient health information as they have increased the use of
health records. As technology’s role in the delivery of health
care grows, the cybersecurity risks are increasing, and
organizations find themselves mitigating a variety of new and
ever-changing cyberattacks to a wide range of clinical and
operational technology systems.
CHA encourages all health care providers to work with their
information system management team to identify the necessary
resources to develop a strong cybersecurity defense.
This Operational Continuity-Cyber Incident (OCCI) checklist
provides a flexible template for operational staff and executive
management to respond to and recover from an extended enterprise
outage due to a serious cyber attack.
The checklist’s suggested operational structures and tasks can be
modified or refined according to an organization’s size,
resources, complexity and capabilities.
The checklist represents the best collective thinking of
private-sector cybersecurity and emergency management executives
of the HSCC Incident Response/Business Continuity (IRBC) Task
Group of the Health Sector Coordinating Council’s Cybersecurity
Working Group (CWG). It is not associated in any way with any
regulatory compliance program.
John Riggi, senior advisor for cybersecurity and risk at the
American Hospital Association, a nationally recognized
cybersecurity expert and former FBI cyber senior executive has
been on the forefront in directly assisting health care providers
as they prepare for, respond to and recover from ransomware
attacks. Mr. Riggi will discuss his uniquely informed national
perspective on the rash of recent ransomware attacks, identify
the groups behind these attacks, how hospitals and health systems
have become victimized, and what can be done to prevent these
Mr. Riggi will also discuss the impact these ransomware attacks
have had on large systems and small hospitals — from lost data
and revenue to civil and regulatory exposure, loss of community
confidence and, most significantly, impact to patient care
delivery and risk to patient safety.
Mr. Riggi will also discuss AHA’s national call to action to the
federal government to utilize all elements of national power to
“defend forward” and disrupt these ransomware attackers who are
being provided safe harbor in adversarial nations. The government
has heard the call and responded.
The Internet of Things (IoT) applications are growing rapidly
with more healthcare organizations adopting the use of security
cameras, drones, internet connected HVAC, and more. However, not
all devices are designed with security in mind. Data breaches in
the news are increasing in frequency. Do you know if your devices
are protected and how you can protect your IoT data?
Ransomware is a serious and increasing threat to all
government and private sector organizations,
including critical infrastructure organizations.
All organizations are at risk of falling victim to a ransomware
incident and are responsible for protecting sensitive
and personal data stored on their systems.
This fact sheet provides information for all government and
private sector organizations, including critical
infrastructure organizations, on preventing and responding to
ransomware-caused data breaches. CISA encourages
organizations to adopt a heightened state of awareness and
implement the recommendations on this linked resource:
In the wake of several natural disasters, providers are reminded
to stay vigilant for cyber scams. The attached tips from the
National Health Information Sharing and Analysis Center outline
several common scams attempted in times of crisis, including
spoofs of relief organizations, sham flood mitigation or debris
removal organizations, and flood insurance robocall scams. Those
who wish to donate to relief funds should:
The Federal Bureau of Investigation Internet Crime Complaint
Center, also known as IC3, accepts online Internet crime
complaints. Complaints may come from the victim or interested
third party. When filing a complaint be accurate and thorough. Be
sure to include your name, address, and phone number as well as
the perpetrator’s, if known. Include specific details on how,
when, and why as well as any other pertinent information. To file
a claim or for more information click here.
Cybersecurity vulnerabilities and intrusions pose risks for every
hospital and its reputation. While there are significant
benefits for care delivery and organizational efficiency from the
expanded use of networked technology, Internet-enabled medical
devices and electronic databases for clinical, financial and
administrative operations, networked technology and greater
connectivity also increase exposure to possible cybersecurity
threats that require hospitals to evaluate and manage new
risks. Hospitals can prepare and manage such risks by viewing
cybersecurity not as a novel issue but rather by making it part
of the hospital’s existing governance, risk management and
business continuity framework. Hospitals also will want to
ensure that the approach they adopted remains flexible and
resilient to address threats that are likely to be constantly
evolving and multi-pronged.
California is at the center of the digital revolution that is
changing the world. Because of work done by companies right here
in our home state, we are more connected – and empowered – than
ever before. But we are also increasingly vulnerable.
Unfortunately, cyber-crime, data breaches, theft of proprietary
information, hacking and malware incidents are now routine.
Every business in California should follow the steps summarized
in the attached guide “Cybersecurity in the Golden State” in
order to reduce the chance they will be a victim of cybercrime.
These measures, however, cannot guarantee that businesses will
avoid cyber-security incidents, and the Guide therefore contains
recommendations for how to prepare an effective cybersecurity
incident response plan.
In response to heightened awareness and concerns about cyber
threats, attacks and incidents, new guidance for healthcare
organizations wanting to assess the state of their cybersecurity
preparedness has been released.
The guidance identifies an appropriate subset of controls within
the HITRUST Common Security Framework (CSF) that are most
directly related to detecting and thwarting cyber-related
breaches and allows organizations to assess against the
cyber-specific controls and receive a snapshot of their cyber
capabilities and readiness.
The DHS National Cyber Security Division conducts no-cost,
voluntary Cyber Resilience Reviews to evaluate and enhance
cyber security capacities and
capabilities within all 18 Critical Infrastructure and Key
Resources (CIKR) Sectors.
The CRR seeks to understand cyber security management of services
(and associated assets) critical for an organization’s mission
success by focusing on protection and sustainment practices
within ten key domains that contribute to the overall cyber
resilience of an organization.
What to Expect
The CRR is a one-day, on-site facilitation and interview of
key cyber security personnel.
The participants will receive a draft report within 45
calendar days to review and provide feedback report results. DHS
will subsequently issue a final CRR Report.
CRR results are afforded protections under the DHS Protected
Critical Infrastructure Information— the results are for
organization use and DHS does not share results.
Governor Brown signed Executive
Order B-34-15, establishing the California Cybersecurity
Integration Center to be established and led by California’s
Office of Emergency Services. The Center’s primary mission will
be to reduce the likelihood and severity of cyber incidents that
could damage California.
InfraGard is a partnership between the private sector and the
Federal Bureau of Investigation. This association of
businesses, academic institutions, state and local law
enforcement agencies is dedicated to sharing information and
intelligence to prevent hostile acts against the United States.
InfraGard Chapters are geographically linked with FBI Field
There is no cost to join
InfraGardand members receive these