web analytics

CISA Mitigation Guide for Healthcare Organizations: Part Three – Source: securityboulevard.com

cisa-mitigation-guide-for-healthcare-organizations:-part-three-–-source:-securityboulevard.com
Rate this post

Source: securityboulevard.com – Author: Wes Wright

Identify and address at-risk assets to protect your healthcare enterprise

On November 20, 2023, the Cybersecurity Infrastructure and Security Agency (CISA) issued guidance for healthcare delivery organizations (HDOs) struggling to secure their data and systems against a growing and pernicious onslaught of attacks from threat actors across the globe. The purpose of CISA’s Mitigation Guide: Healthcare and Public Health (HPH) Sector is to articulate “best practices to combat pervasive cyber threats affecting the Healthcare and Public Health (HPH) Sector.”

In our second blog in this series we covered how Ordr supports best practices around Mitigation Strategy #2: Identity Management and Device Security, including the value of gaining real-time visibility into device details. In our final of the three-part series, we look at CISA’s third Mitigation Strategy: Vulnerability, Patch, and Configuration Management to learn the focus areas CISA has called out and how Ordr helps healthcare organizations successfully address these challenges.

Mitigation Strategy #3: Vulnerability, Patch, and Configuration Management

As it turns out, Ordr’s approach to cyber asset security, and our investments in data-based innovation means we’ve solved many of cybersecurity’s hardest problems, allowing our customers to create and execute strategies that address some of the most vexing challenges faced by healthcare organizations. By enabling healthcare (and any other!) organizations to See all assets in real-time including network connections and communications, Know the vulnerabilities, threats, and risks of each asset, and Secure every asset with automated policies to stop active attacks and proactively reduce the attack surface, our customers can better meet the goals CISA has identified.

“The process involves proactively scanning devices and systems for vulnerabilities or technology flaws that threat actors could exploit.”

CISA says that, to meet the goals of Mitigation Strategy #3 means “proactively scanning devices and systems for vulnerabilities or technology flaws that threat actors could exploit.” That is squarely in Ordr’s wheelhouse.

Our Ordr Data Lake–containing a library of millions of individual device profiles and access to extensive threat intelligence libraries–enables advanced analytics and maps vulnerabilities from information in the National Vulnerability Database and manufacturer databases. Using these resources, security teams can identify vulnerabilities and other critical information like product recalls, FDA restrictions, and weaknesses like outdated operating systems; weak, default, or no passwords; and other details essential for proper management and protection. Our passive vulnerability scanning approach does not impact sensitive medical devices.

When it comes to vulnerability management, security teams need to consider the entire lifecycle process.

  • Comprehensive visibility of vulnerabilities across all assets
  • Asset risk scores and granular insights into software applications installed to prioritize which devices need to be patched.
  • Automated remediation workflows assigned to the right device owners.
  • Continuous management throughout the entire process

Focus Area 1: Vulnerability and patch management

Ordr identifies devices with vulnerabilities and risks like obsolete operating systems, and unpatched or unauthorized software. We can also see which devices require attention because they contain protected health information (PHI), have recalls, or display risky communications and anomalous behavior. Then, Ordr applies a real-time risk score to each asset that helps the organization prioritize remediation and mitigation efforts, enabling optimized lifecycle vulnerability management with existing tools. This includes integration with existing workflows, as well as dynamic policy creation to segment assets that cannot be patched.

Focus Area 2: Configuration and change management

Because the Ordr Software Inventory Collector automatically gathers software details directly from assets it provides a real-time software bill-of-materials (SBOM) for both managed and unmanaged devices. That allows organizations to identify endpoint detection and response (EDR), mobile device management (MDM), disk encryption, and other elements that support the organization’s security standards before they are allowed onto the network by network access management solutions. That means the organization’s change management solution has a reliable and secure configuration to start with.

Every Environment is Different

While the CISA Mitigation Guide: Healthcare and Public Health (HPH) Sector is intended as a framework for improving the security of every healthcare organization, every enterprise requires a unique application of the strategies and principles outlined in the Guide. That means gaining a complete inventory of every cyber asset and understanding its configuration details and operation. Ordr has the technology and healthcare-specific domain expertise to help improve the security posture and adopt a Zero Trust approach to cybersecurity.

The challenge may seem overwhelming, but with the right resources it can be done, and easier than you might think–and Ordr can help. To get started, download our new white paper, Mapping Ordr Capabilities to CISA Mitigation Guide: Healthcare and Public Health (HPH) Sector, then contact us with your questions.

*** This is a Security Bloggers Network syndicated blog from Ordr Blog – Ordr authored by Wes Wright. Read the original post at: https://ordr.net/blog/cisa-mitigation-guide-for-healthcare-organizations-part-three/

Original Post URL: https://securityboulevard.com/2024/02/cisa-mitigation-guide-for-healthcare-organizations-part-three/

Category & Tags: Security Bloggers Network,healthcare security – Security Bloggers Network,healthcare security

Views: 0

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Joas Antonio
ChatGPT for Cybersecurity by Joas Antonio dos Santos – malwareanalysis #reverseengineering
ChatGPT for Cybersecurity by Joas...
CISO2CISO Notepad Series
How Can We Structure Cybersecurity Teams To Better Integrate Security In Agile At Scale?
How Can We Structure Cybersecurity...
OCCUPYTHEWEB
Linux Basics for Hackers by Occupytheweb
Linux Basics for Hackers by...
NIST
Digital Forensics and Incident Response (DFIR) Framework for Operational Technology (OT) by NIST – Eran Salfati and Michael Pease
Digital Forensics and Incident Response...
Think Big Blog
Top 10 TED Talks to Learn about Cyber Security
Top 10 TED Talks to...
NCSC
NCSC Cyber Security for Small Business “SMEs” Guide.
NCSC Cyber Security for Small...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

New York State
Cybersecurity Program Template A resource to help individual licensees and individually owned businesses develop a cybersecurity program as required by New York State’s Cybersecurity Regulation 23 NYCRR Part 500
Cybersecurity Program Template A resource...
Apress
Cyber Security on Azure An IT Professional’s Guide to Microsoft Azure Security
Cyber Security on Azure An...
CyberJA
ASSET IDENTIFICATION & CLASSIFICATION-A CRITICAL COMPONENT OF CYBER RISK MANAGEMENT
ASSET IDENTIFICATION & CLASSIFICATION-A CRITICAL...
SOSAFE
CybercrimeTrends 2024 The latest threats and security best practices
CybercrimeTrends 2024 The latest threats...
Routledge
Cyber Security Politics Socio-Technological Transformations and Political Fragmentation
Cyber Security Politics Socio-Technological Transformations...
Cigref
Surviving a Massive cyber-attack by Cigref
Surviving a Massive cyber-attack by...
Cigref
Surviving a Massive cyber-attack by Cigref
Surviving a Massive cyber-attack by...
Splunk
SPLUNK® AND THE CIS CRITICALSECURITY CONTROLS Mapping Splunk Software to the CIS 20 CSC Version 6.0
SPLUNK® AND THE CIS CRITICALSECURITY...
SOC SIEM Use Cases
SOC SIEM Use Cases
safecode
Six Pillars of DevSecOps- Collaboration and Integration
Six Pillars of DevSecOps- Collaboration...
SentineOne
WatchTower I ntelligence-Driven Threat Hunting
WatchTower I ntelligence-Driven Threat Hunting
CNIL
Security of Personal Data
Security of Personal Data

More Latest Published Posts

CISA | Cybersecurity and Infrastructure Security Agency
UNDERSTANDING AND RESPONDING TO DISTRIBUTED DENIAL-OF-SERVICE ATTACKS
UNDERSTANDING AND RESPONDING TO DISTRIBUTED DENIAL-OF-SERVICE ATTACKS
McKinsey & Company
Transforming risk efficiency and effectiveness
Transforming risk efficiency and effectiveness
Arnold Antoo
Zero Trust Security Model
Zero Trust Security Model
Richea Perry
Your Cybersecurity Toolkit
Your Cybersecurity Toolkit
IGNITE Technologies
Wireless Penetration Testing
Wireless Penetration Testing
Joas A Santos
Windows API for Red Team #101
Windows API for Red Team #101
Economic Research Working Paper
Artificial Intelligence and Intellectual Property
Artificial Intelligence and Intellectual Property
CASOS DE USO APLICABLES EN UN SIEM
CASOS DE USO APLICABLES EN UN SIEM
IGNITE Technologies
Burp Suite for Pentester
Burp Suite for Pentester
The Institute of Internal auditors
Auditing Risk Culture
Auditing Risk Culture
DevSecOps Guide
ATTACKING PHP APPLICATIONS
ATTACKING PHP APPLICATIONS
DevSecOps Guide
ATTACKING KUBERNETES WITH SECURITY BEST PRACTICE
ATTACKING KUBERNETES WITH SECURITY BEST PRACTICE
CLTC WHITE PAPER SERIES
Guidance for the Development of AI Risk and Impact Assessments
Guidance for the Development of AI Risk and Impact Assessments
Active Directory
Active Directory IT AuditChecklist
Active Directory IT AuditChecklist
A guide to business continuity planning
A guide to business continuity planning
LOG RHYTHM
Using MITRE ATT&CK™ in Threat Huntingand Detection
Using MITRE ATT&CK™ in Threat Huntingand Detection
Kaspersky
H2 2023 – A brief overviewof main incidentsin industrial cybersecurity
H2 2023 – A brief overviewof main incidentsin industrial cybersecurity
Andrey Prozorov
24 Great Cybersecurity Frameworks
24 Great Cybersecurity Frameworks
ENISA-EUROPA
SEGURIDAD DE TELECOMUNICACIONES
SEGURIDAD DE TELECOMUNICACIONES
Project Management Institute
Building Resilience Through Strategic Risk Management
Building Resilience Through Strategic Risk Management
DATA LOSS PREVENTION (DLP)
DATA LOSS PREVENTION (DLP)
AICSSolutions
Cybersecurity Red Team
Cybersecurity Red Team
cisco
Cyber Incident Response
Cyber Incident Response
CSR Cyber Security Council
EVERY BUSINESS HAS DUTIES OF CARE IN THE FIELD OF CYBER SECURITY
EVERY BUSINESS HAS DUTIES OF CARE IN THE FIELD OF CYBER SECURITY
SYBEX
Cybersecurity ESSENTIALS
Cybersecurity ESSENTIALS
Agency for Digital Government
Cyber security in supplier relation ships
Cyber security in supplier relation ships
RINKU
Curso de introducción KALI LINUX PARA HACKERS ÉTICOS
Curso de introducción KALI LINUX PARA HACKERS ÉTICOS
CNIL
PRACTICE GUIDE GDPR
PRACTICE GUIDE GDPR