This Cybersecurity and Infrastructure Security Agency (CISA) Mitigation Guide offers recommendations and best practices to combat pervasive cyber threats affecting the Healthcare and Public Health (HPH) Sector. Identified vulnerabilities in organizations across the HPH Sector present opportunities to mitigate risks before intrusions occur. Unmitigated vulnerabilities increase the likelihood of threat actors successfully employing malicious tactics, techniques, and procedures (TTPs) against HPH organizations.
- As indicated in the Cyber Risk Summary: Healthcare and Public Health (HPH) Sector Calendar Year 20221 and figure1, CISA identified common vulnerabilities and insecure configurations across the HPH Sector, such as:
- Web application vulnerabilities
- Encryption weaknesses
- Unsupported software
- Unsupported Windows operating systems (OS)
- Known exploited vulnerabilities (KEVs)
- Vulnerable services
Views: 0
