The Cybersecurity and Infrastructure Security Agency leverages multiple open-source and internal tools to proactively research and detect vulnerabilities within U.S. critical infrastructure as part of its new Ransomware Vulnerability Warning Pilot, which started on January 30.
WHY IT MATTERS
On Monday, CISA announced the creation of its RVWP program required by the Cyber Incident Reporting for Critical Infrastructure Act of 2022.
CISA says it can accomplish ransomware-vulnerability warning by leveraging its existing services, data sources, technologies and authorities, including the agency’s Cyber Hygiene Vulnerability Scanning service and its Administrative Subpoena Authority granted under Section 2209 of the Homeland Security Act of 2002, according to theFAQon its website.
“Organizations across all sectors and of all sizes are too frequently impacted by damaging ransomware incidents,” CISA said in the new FAQ.
Most organizations may be unaware that a vulnerability used by ransomware threat actors is present on their network. But damaging intrusions could be avoided by warning critical infrastructure entities, like hospitals and healthcare systems, of detected security vulnerabilities.
Once CISA identifies affected systems, regional cybersecurity personnel notify system owners.
CISA also offers no-cost cybersecurity resources and tools. It recommends that organizations sign up for its no-cost Cyber Hygiene Vulnerability Scanning service and take a self-assessment to determine progress in implementing cybersecurity performance goals.
By building a relationship with a regional CISA cybersecurity advisor, healthcare organizations can participate in additional services, the agency added.
THE LARGER TREND
Toimprove the cybersecurity posture of healthcarethe Department of Health and Human Services has recommended enterprise-wide risk analyses and a series of best practices, including vulnerability scans of all systems and devices to reduce the risks of common cyberattacks.
Vulnerability management has been the most important part of cybersecurity for the past 20 years, according to Darren Lacey, vice president and CISO for Johns Hopkins University and Johns Hopkins Medicine.
“We chase down vulnerabilities and, in fact, if you had to say what was the biggest change in cybersecurity over the last 10 years along with the ransomware spike would be the number of publicized vulnerabilities,” he toldHealthcare IT Newsin September.
Ransomware attacks doubledbetween 2020 and 2022, and with cyberattacks getting more innovative in their approaches over time, it behooves all healthcare organizations to make use of all the cybersecurity services CISA, HHS and industry resources offer.
ON THE RECORD
“Many of these incidents are perpetrated by ransomware threat actors using known vulnerabilities,” CISA says in its new RVWP program FAQ. “By urgently fixing these vulnerabilities, organizations can significantly reduce their likelihood of experiencing a ransomware event.”
Andrea Fox is senior editor of Healthcare IT News.
Email:afox@himss.org
Healthcare IT News is a HIMSS Media publication.
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
SmileBelle Daisy Pearl Necklace, Dainty Pearl Choker Necklace for Women as Flower Necklace, 14K Gold Plated Stainless Steel Gold Necklaces as Christmas Stocking Stuffers for Girls Daisy Costume Gift
$7.99 (as of November 21, 2024 18:57 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
ThermoMaven Professional Meat Thermometer Digital, 0.5 Sec Truly Instant Read, NIST Certified Accurate to ±0.5℉, Ultra Bright LED Screen, 100% Waterproof, Motion-Sensing Wake/Sleep, Black
$19.99 (as of November 21, 2024 18:55 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
MontNorth Collapsible Basin Bucket,9L Collapsible Dishpan with Drain Plug for Kitchen Sink,5L Portable Foldable Small Plastic Water Supplies for Outdoor Garden Camping Fishing Car Wash(Sets of 2)
$16.14 (as of November 21, 2024 18:57 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Amazon Fire TV Stick 4K (newest model) with AI-powered Fire TV Search, Wi-Fi 6, stream over 1.5 million movies and shows, free & live TV
$21.99 (as of November 21, 2024 19:21 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
