Health-ISAC, a nonprofit, private sector, member-driven organization, has released its annual cyber threat report on current and emerging threat activity in the healthcare industry, in collaboration with Booz Allen Hamilton Cyber Threat Intelligence. The report provides actionable intelligence to healthcare security professionals worldwide, enabling them to enhance situational awareness and strengthen their ability to detect, mitigate, and respond to cyber threats.
The report ‘Current and Emerging Healthcare Cyber Threat Landscape‘ reviews and analyzes the cybercriminal, geopolitical, and nation-state threats currently faced by healthcare organizations, as well as future threats such as product abuse and synthetic accounts. The report also highlights the increase in connected medical devices, which increases the attack surface of healthcare institutions. While newer medical device designs have improved cybersecurity controls, organizations must prepare for and defend against a broad spectrum of technology while also dealing with software end-of-life issues in legacy medical devices.
Denise Anderson, President & CEO of Health-ISAC, emphasized the importance of the report in helping healthcare professionals stay ahead of the day-to-day threats facing the health sector and communicate long-term challenges the sector is facing. She stated, “Healthcare professionals can use the Health-ISAC annual threat report to not only stay ahead of the day-to-day threats facing the health sector but they can use the information strategically to communicate long-term challenges the sector is facing and help justify additional investments in cybersecurity spending and where more resources are needed – all in the name of improving patient safety and security.”
According to Errol Weiss, Chief Security Officer at Health-ISAC, while cyber adversaries continue to get more creative, simple attacks like social engineering are still very effective. He stated, “Information security practitioners who believed Multi-Factor Authentication (MFA) was the silver bullet are now reeling from major breaches that leveraged social engineering and technical measures to defeat it. All of this spells the need for continuous awareness – we need to stay on top of new threats and attack techniques, and most importantly, active information sharing that provides for community defense that will ultimately help improve the resilience of our healthcare sector networks.”
Health-ISAC connects thousands of healthcare security professionals worldwide to share peer insights, real-time alerts, and best practices in a trusted, collaborative environment.
Download the report here: https://h-isac.org/wp-content/uploads/2023/03/Health-ISAC-Exec-Summary-Annual-Threat-Report_TLP-White-2023.pdf
