CISA releases advisory on enhancing cyber resilience

Dec 18, 2023 - 02:31 PM
cybersecurity-hand-lock-graphic_900x400

The Cybersecurity and Infrastructure Security Agency Dec. 15 released an advisory on ways health care organizations can enhance their cybersecurity protection. CISA recommends that organizations use longer and more complex passwords; ensure that only ports, protocols and services with validated business needs are running on each system; train users against password reuse; discontinue reuse or sharing of administrative credentials among systems; and implement a security awareness program that focuses on methods commonly used in intrusions that can be blocked through individual action, among other solutions. 

“This report of findings from a network penetration test of a health care organization conducted by CISA provides useful guidance which may be applicable to other health care organizations,” said John Riggi, AHA national advisor for cybersecurity and risk. “In particular, the recommendations outlined in Table 6 of the document may help organizations identify and mitigate key sources of cyber risk. CISA has become very pro-active in helping organizations share best practices in mitigating cyber risk and conducts free risk and vulnerability assessments.” 
 
For more information on cyber and risk issues contact Riggi at jriggi@aha.org. For the latest cyber and risk information and resources visit www.aha.org/cybersecurity.

Related News Articles

Headline
Microsoft warns of sophisticated phishing campaign heavily targeting health care organizations
Microsoft Threat Intelligence is warning of a large scale, multistage phishing campaign that disproportionately targeted the health care sector, sending “code…
Headline
CISA announces initiative to bolster critical infrastructure against nation-state cyberattacks
The Cybersecurity and Infrastructure Security Agency has launched a new initiative for critical infrastructure to defend against cyberattacks through proactive…
Headline
Webinar to explore AI use in cybersecurity, health care technology 
John Riggi, AHA national advisor for cybersecurity and risk, will moderate a webinar May 5 at 1 p.m. ET that will explore how bad actors are leveraging…
Headline
AHA, Joint Commission announce cybersecurity readiness effort 
The AHA and Joint Commission May 4 announced the launch of the Cyber Resilience Readiness program, an initiative to help hospitals and health systems assess…
Headline
Agencies issue guidance on adopting agentic AI systems
The Cybersecurity and Infrastructure Security Agency, National Security Agency and international partners have released guidance on adopting agentic artificial…
Headline
Advisory details shifting tactics of Chinese cyber actors using covert networks for malicious activity
A joint advisory released April 23 from U.S. and international cybersecurity agencies, including the Cybersecurity and Infrastructure Security Agency, FBI,…