The Cybersecurity and Infrastructure Security Agency leverages multiple open-source and internal tools to proactively research and detect vulnerabilities within U.S. critical infrastructure as part of its new Ransomware Vulnerability Warning Pilot, which started on January 30.
WHY IT MATTERS
On Monday, CISA announced the creation of its RVWP program required by the Cyber Incident Reporting for Critical Infrastructure Act of 2022.
CISA says it can accomplish ransomware-vulnerability warning by leveraging its existing services, data sources, technologies and authorities, including the agency’s Cyber Hygiene Vulnerability Scanning service and its Administrative Subpoena Authority granted under Section 2209 of the Homeland Security Act of 2002, according to theFAQon its website.
“Organizations across all sectors and of all sizes are too frequently impacted by damaging ransomware incidents,” CISA said in the new FAQ.
Most organizations may be unaware that a vulnerability used by ransomware threat actors is present on their network. But damaging intrusions could be avoided by warning critical infrastructure entities, like hospitals and healthcare systems, of detected security vulnerabilities.
Once CISA identifies affected systems, regional cybersecurity personnel notify system owners.
CISA also offers no-cost cybersecurity resources and tools. It recommends that organizations sign up for its no-cost Cyber Hygiene Vulnerability Scanning service and take a self-assessment to determine progress in implementing cybersecurity performance goals.
By building a relationship with a regional CISA cybersecurity advisor, healthcare organizations can participate in additional services, the agency added.
THE LARGER TREND
Toimprove the cybersecurity posture of healthcarethe Department of Health and Human Services has recommended enterprise-wide risk analyses and a series of best practices, including vulnerability scans of all systems and devices to reduce the risks of common cyberattacks.
Vulnerability management has been the most important part of cybersecurity for the past 20 years, according to Darren Lacey, vice president and CISO for Johns Hopkins University and Johns Hopkins Medicine.
“We chase down vulnerabilities and, in fact, if you had to say what was the biggest change in cybersecurity over the last 10 years along with the ransomware spike would be the number of publicized vulnerabilities,” he toldHealthcare IT Newsin September.
Ransomware attacks doubledbetween 2020 and 2022, and with cyberattacks getting more innovative in their approaches over time, it behooves all healthcare organizations to make use of all the cybersecurity services CISA, HHS and industry resources offer.
ON THE RECORD
“Many of these incidents are perpetrated by ransomware threat actors using known vulnerabilities,” CISA says in its new RVWP program FAQ. “By urgently fixing these vulnerabilities, organizations can significantly reduce their likelihood of experiencing a ransomware event.”
Andrea Fox is senior editor of Healthcare IT News.
Email:afox@himss.org
Healthcare IT News is a HIMSS Media publication.
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
2024 P, D Kennedy Half Dollar 2 Coin Set Uncirculated
$9.99 (as of June 16, 2024 20:54 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Massive Beads Multicolor Tiger's Eye - Vitality and Abundance - Handmade Handmade Yoga Stretch Elastic Bracelet Natural Stone Crystal Healing Power Energy Gifts for Unisex Adult 4mm
$7.99 (as of June 16, 2024 21:00 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Apple AirPods Pro (2nd Generation) Wireless Ear Buds with USB-C Charging, Up to 2X More Active Noise Cancelling…
$189.99 (as of June 15, 2024 20:54 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Katamco The Original Toilet Timer (Classic), As Seen on Shark Tank. Funny Gift for Men, Husband, Dad, Son, Birthday,…
$14.99 (as of June 15, 2024 20:54 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
_1_0.jpeg){kind=logo}
