CISA releases advisory on enhancing cyber resilience

Dec 18, 2023 - 02:31 PM
cybersecurity-hand-lock-graphic_900x400

The Cybersecurity and Infrastructure Security Agency Dec. 15 released an advisory on ways health care organizations can enhance their cybersecurity protection. CISA recommends that organizations use longer and more complex passwords; ensure that only ports, protocols and services with validated business needs are running on each system; train users against password reuse; discontinue reuse or sharing of administrative credentials among systems; and implement a security awareness program that focuses on methods commonly used in intrusions that can be blocked through individual action, among other solutions. 

“This report of findings from a network penetration test of a health care organization conducted by CISA provides useful guidance which may be applicable to other health care organizations,” said John Riggi, AHA national advisor for cybersecurity and risk. “In particular, the recommendations outlined in Table 6 of the document may help organizations identify and mitigate key sources of cyber risk. CISA has become very pro-active in helping organizations share best practices in mitigating cyber risk and conducts free risk and vulnerability assessments.” 
 
For more information on cyber and risk issues contact Riggi at jriggi@aha.org. For the latest cyber and risk information and resources visit www.aha.org/cybersecurity.

Related News Articles

Headline
AHA podcast: Cybersecurity on the Health Care Front Lines Against AI and Ransomware
Larry Pierce, director of cybersecurity and information security officer for Atlantic Health, unpacks how the growth of artificial intelligence is reshaping…
Headline
Agencies issue guidance on secure connectivity for operational technology
U.S. and international agencies Jan. 14 released guidance on secure connectivity for operational technology environments. Examples of OT environments in health…
Headline
AHA expresses support for bill improving cybersecurity workforce in rural hospitals
The AHA Jan. 14 expressed support for the Rural Hospital Cybersecurity Enhancement Act (S. 2169), legislation that would direct the Department of Health and…
Headline
FBI warns of attacks by North Korean cyber threat group using malicious QR codes
The FBI Jan. 8 released an alert on evolving threat tactics by Kimsuky, a North Korean state-sponsored cyber threat group. As of last year, the group…
Headline
CISA issues update on voluntary cybersecurity performance goals 
The Cybersecurity and Infrastructure Security Agency Dec. 11 released an update to its voluntary Cybersecurity Performance Goals, which includes measurable…
Headline
Agencies warn of state-sponsored cyberattacks from Russia, China
U.S. and international agencies are warning of potential cyberattacks on health care and other critical infrastructure from state-sponsored cyber actors in…