
NATIONAL HEALTH INFORMATION SHARING & ANALYSIS CENTER


Presentation Transcript


  1. NATIONAL HEALTH INFORMATION SHARING & ANALYSIS CENTER THE NATION’S HEALTHCARE & PUBLIC HEALTH SECTOR INFORMATION SHARING & ANALYSIS CENTER Information & Cybersecurity Threat & Vulnerability Protection, Best Practice & Education

  2. Executive Overview Agenda. NH-ISAC HEALTHCARE & PUBLIC HEALTH CRITICAL INFRASTRUCTURE PROTECTION EXECUTIVE OVERVIEW: National Critical Infrastructure and Key Resources (CIKR) Protection – Public/Private Partnership; Cybersecurity Overview – Threats/Vulnerabilities/Attacks; Protecting the Health & Public Health Sector; US Department of Health & Human Services, US DHS; Health Sector Coordinating Council – Government/Private Sector; National Health Information Sharing & Analysis Center (NH-ISAC); NH-ISAC Membership – Value Proposition

  3. Homeland Security Presidential Directive 7 (HSPD-7) – National CIKR Protection. National Infrastructure Protection Plan (NIPP) - After 9/11, 18 National Critical Infrastructures and Key Resources (CIKR) were identified for protection. Presidential Directive (HSPD-7) – Established national policy to identify and prioritize US critical infrastructures and key resources and to protect them from terrorist attacks. Recognizing that each infrastructure possessed its own unique characteristics and operating models, Sector-Specific Agencies (SSAs) were identified to develop sector CIKR protection plans. Information Sharing & Analysis Centers (ISACs) - Federal departments (US DHS, FBI, etc.) and SSAs collaborate in a public/private partnership with sector-specific ISACs to encourage sector-specific mechanisms to monitor, identify, prioritize, analyze and coordinate sector protection (physical and cyber). 1 – CIKR Protection

  4. Protection Partnership / 2-Way Information Sharing - ISACs. DHS Information Sharing Environment (ISE) CIKR Components: Coordination & Governance / Risk Mitigation; Relationship Management / Information Exchange; Content Identification & Development. INFORMATION SHARING & ANALYSIS CENTERS (ISACs): The definition of an ISAC is “a trusted, sector-specific entity which provides to its constituency a 24/7 Secure Operating Capability that establishes the sector’s specific information/intelligence requirements for incidents, threats and vulnerabilities (two-way information sharing). Based on its sector-focused subject-matter analytical expertise, the ISAC then collects, analyzes and disseminates alerts and incident reports to its membership and helps the government understand impacts for its sector.” ISAC Characteristics: Trusted Information Sharing & Analysis, Trusted Sector and Cross-Sector Relationships, Trusted Private Sector Subject Matter Experts, International Reach. 1 – CIKR Protection

  5. CIKR / SSA / Coordinating Council / ISAC – Collaborative Partnership. For each National Critical Infrastructure, a Federal Sector-Specific Agency (SSA) has a Coordinating Council (Government/Private) working in a collaborative partnership with sector-specific Information Sharing & Analysis Centers (ISACs). Diagram labels: Critical Infrastructure; Federal Sector-Specific Agency (SSA); Coordinating Council; Government Coordinating Council (GCC): GCC/Government – Federal Depts. (DHS, etc.), Federal Agencies, State, City, County; Sector Coordinating Council (SCC): SCC/Private Sector - Industry, Owner/Operators, Trade Associations, Standards Organizations, Academia, etc.; Information Sharing & Analysis Center (ISAC); Private Sector Critical Infrastructure & Key Resources (Owner/Operators, Industry, Academia, etc.). 1 – CIKR Protection

  6. National Council of ISACs. The mission of the Information Sharing and Analysis Centers Council (National Council of ISACs) is to advance the physical and cyber security of the critical infrastructures of North America by establishing and maintaining a framework for valuable interaction between and among the ISACs and with government. NATIONAL COUNCIL OF ISACs: Communications ISAC (NCC), Electric Sector ISAC (IS-ISAC), Emergency Management & Response ISAC (EMR-ISAC), Financial Services ISAC, Health ISAC (NH-ISAC), Highway ISAC (First Observer), IT ISAC, Maritime Security Council ISAC, Multi-State ISAC, Nuclear ISAC (NEI), Public Transportation ISAC (APTA), Real Estate ISAC, Research & Education Networking ISAC (REN-ISAC), Supply Chain ISAC (SC-ISAC), Surface Transportation ISAC (ST-ISAC), Water ISAC, Chemical Sector Coordinating Council, Defense Security Information Exchange, Oil and Natural Gas Coordinating Council, Partnership for Critical Infrastructure Security, Regional Consortium Coordinating Council. 1 – CIKR Protection

  7. National Health ISAC (NH-ISAC) – National Council of ISACs Member http://www.isaccouncil.com/ 1 – CIKR Protection

  8. Cybersecurity is much more than “User Names” and “Passwords”. Business Management Holds Responsibility for Security (Both Physical/Cyber) ... Technology Enables It. • WHAT IS INFORMATION AND CYBER SECURITY? • Prevents exploitation of information in either paper-based or electronic information systems • Ensures confidentiality, integrity and availability of systems and data • Includes restoring electronic information and communications systems in the event of a terrorist attack or natural disaster • WHAT IS CYBER INFRASTRUCTURE? • Physical assets and virtual systems and networks that enable key capabilities and services in both the public and private sectors • IMPORTANCE OF CYBER INFRASTRUCTURE • Information technology (IT) supports three (3) types of cyber infrastructures across the various CIKR sectors • Business Systems – Mission-essential systems that are used to manage or support common business processes and operations • Control Systems – Cyber systems used to monitor and control sensitive processes and physical functions (SCADA, HVAC, Environment Control Systems, Lab-Based Surveillance, Healthcare – Medical Devices, Monitors, Medical Equipment, etc.) • Safety, Security, Support and Other Specialty Systems – Cyber systems used to manage physical access or for alerting and notification purposes (computerized alarm systems, electronic card readers, biometrics, radio frequency identification (RFID), emergency alert systems, HAZMAT systems, etc.) • Protection of physical and cyber assets and interoperability is problematic due to the interconnected and interdependent nature of the nation’s critical infrastructures – especially the nation’s Healthcare and Public Health Sector. 2 – Cybersecurity

  9. Cyber Threats. CYBER THREAT: Any circumstance or event with the potential to adversely impact organizational operations, assets (both physical and informational), individuals, other organizations, other critical infrastructures or the Nation through an information system. Cyber threats can affect and immediately impact hospital operations to admit/treat patients, security systems, environmental controls, insurance and medical billing claims technology, electronic records and personal data, supply delivery and stockpiles, functionality of life-sustaining equipment, public health data and emergency management systems. • CYBER THREAT ISSUES / TRENDS • Threats evolve quickly – as soon as one is identified and countermeasures are put in place, the threat can change or expand into new or multiple threats • Hackers quickly acquire skills to launch attacks on US cyber infrastructures. Emergence of “hacker schools” online and abroad • Hackers are selling their services to a wide variety of actors (criminals, terrorists, criminal organizations, nation states, disgruntled employees, contractors, etc.). Anonymity of the Internet – Allows “hacker for hire services” into a complex black market • Hacking techniques previously required specialized coding and programming knowledge. NOT ANY MORE – Less skilled users can now access free and commercially available automated hacking programs and tools • The number of malicious hackers with the necessary skills continues to increase while the knowledge required for countermeasures has decreased 2 – Cybersecurity

  10. Cyber Vulnerabilities. CYBER VULNERABILITIES: Weaknesses in physical or information systems, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source. • CYBER THREAT ISSUES / TRENDS • Cyber vulnerabilities fall into three (3) categories: • People (Employees or those external to the organization) • Processes (Security Procedures) • Technology (Software, Additional Programs, Shared Networks, Badging Systems, etc.) • IDENTIFYING VULNERABILITIES • Both the U.S. Computer Emergency Readiness Team (US-CERT) and the Information Sharing and Analysis Centers (ISACs) help stakeholders across all sectors identify and address vulnerabilities 2 – Cybersecurity

  11. Types of Cyber Attacks. Cyber Attack Categories: Natural or Inadvertent Attack – Accidents from Natural Disasters; Intentional Threats – Illegal or Criminal Acts (Insiders or Outsiders, Recreational/Criminal Hackers); Human Blunders – Errors, Omissions, Unintentional Human Actions. Types of Cyber Attacks: Physical Facilities (Unauthorized Access, Environment/Emergency/Hospital Systems Disruption); Denial of Service, Penetration Attacks, BotNET (Malicious Software Robots), Scareware ($$$ or Attack), Malicious Code, Unknown Program Installation, Database Attacks, Website Defacements, Multiple Coordinated Attacks, Wireless Network Exploits, Domain Name Server (DNS) Attacks, Pirated Software/Intellectual Property, Unauthorized Access, etc.; Hardware (Computers, Printers, Scanners, Servers, Communication Media); Software (Applications, Special Programs, System Backups, Diagnostic Programs, Operating Systems, etc.); Data – In Storage (Rest), Transition (Transit) or Undergoing Modification (Change); Medical Devices – Hacking into medical devices and injecting malicious code to disrupt lifesaving devices; Smart Phone Attacks – Hacking personal information, emails, documents, applications; People – Users, Systems Administrators, Hardware and Software Manufacturers, Disgruntled Employees, Unauthorized Personnel; Documentation – User Information for Hardware/Software, Administrative Procedures, Policy Documents; Business and Personal Social Network Attacks – Stealing information about your behavior and lifestyle. 2 – Cybersecurity

  12. Cybersecurity – Protecting the Healthcare & Public Health (HPH) Sector. PROTECTING THE HPH SECTOR: The HPH Sector utilizes numerous technologies to provide the delivery of care, to respond to emergencies and to perform surveillance. Cybersecurity is becoming increasingly critical due to attacks on healthcare and other critical infrastructures and key resources (CIKR) sectors. The HPH Sector is not only a domestic critical infrastructure, but a foreign one as well (i.e. supply chain dependencies, etc.). The HPH Sector is diverse, with no single impenetrable security system. Attacks can impact organizational integrity and cause loss of business and financial systems, loss of data, medical equipment and device corruption, loss of environmental systems, facility shutdown, etc. Attacks can result in lawsuits, criminal or regulatory compliance actions, and fines for not having protective cybersecurity policies, measures and technologies in place. Measures (defined and documented plans, procedures, protective solutions/collaborative partnership) must be taken and implemented to protect technologies, processes, computer networks, equipment, facilities, and the workforce from unauthorized access, threats, attacks or vulnerabilities. 3 – Protecting the HPH Sector

  13. National Health Sector Coordinating Council (HSCC). US Department of Health & Human Services (HHS); Health Coordinating Council; Health Government Coordinating Council (HGCC); Health Sector Coordinating Council (HSCC). WHAT IS THE HSCC? The HSCC represents private sector interests and perspectives in the public-private effort to protect the national healthcare infrastructure. It is made up of representatives, organizations, trade associations, and professional societies who operate within the healthcare sector. The HSCC has a dual mission to meet the specific needs of owners and operators and to also inform and influence government policies and actions with regard to infrastructure protection. MISSION OF THE HSCC: To serve the needs of sector owners/operators and associations (constituent customers) in regard to preparing for, responding to, and recovering from significant hazards, including natural and manmade disasters, as well as national or regional health crises. To advocate the interests of sector owners/operators and associations (constituent customers) to state and federal agencies and legislators in order to enhance government policies, plans and actions regarding infrastructure protection, preparedness, response and resilience. 3 – Protecting the HPH Sector

  14. Organization of the HSCC. Executive Committee or Chairs: Tri-Chair Council – Encompasses a broad spectrum of leadership capabilities for the HSCC; full rotation every three (3) years. Sub-Councils/Members: All HSCC members fit into one of the following six (6) current sub-councils. Members can then be referred to more easily for input into working group projects or additional sector initiatives: Direct Patient Healthcare; Health Information and Medical Technology; Health Plans and Payers; Laboratories, Blood and Pharmaceuticals; Mass Fatality Management Services; Medical Materials Coordinating Group. Working Groups: There are four (4) active working groups within the HSCC: Joint Advisory Working Group (JAWG), Information Sharing Working Group (ISWG), Risk Assessment Working Group (RAWG), Cybersecurity Working Group (CSWG). Each of these groups addresses critical issues for the sector and interests of the HSCC members, resulting in best practice deliverables. 3 – Protecting the HPH Sector

  15. Cybersecurity Working Group (CSWG). Health Sector Coordinating Council (HSCC) – Cybersecurity Working Group (CSWG) • Directs the HPH sector’s cybersecurity analysis, education and awareness efforts, to include coordinating with other Critical Infrastructure Protection (CIP) workgroups to provide cybersecurity expertise for the sector’s risk management objectives. Helps develop and vet cybersecurity situational reports, determines best practices and makes recommendations toward cybersecurity standards for the HPH Sector. • CSWG Membership – • US Health & Human Services (HHS) – • Office of the Assistant Secretary for Preparedness and Response (ASPR), Centers for Disease Control and Prevention (CDC), Office of the National Coordinator (ONC) • Department of Homeland Security – • Office of Infrastructure Protection (IP), National Cybersecurity Division (NCSD) • Department of Transportation • National Health Information Sharing & Analysis Center (NH-ISAC) • Private Sector Stakeholders within the HSCC • Telecom Companies • Other: State, Local and Tribal Healthcare Partners. NH-ISAC Chair, Cybersecurity Working Group. 3 – Protecting the HPH Sector

  16. Healthcare & Public Health Critical Infrastructure Protection. Diagram labels: US Department of Health & Human Services (HHS); Coordinating Council; Health Government Coordinating Council (HGCC); Health Sector Coordinating Council (HSCC); National Health ISAC; Private Sector Critical Infrastructure & Key Resources (Owner/Operators, Industry, Academia, etc.). 3 – Protecting the HPH Sector

  17. NH-ISAC - The Nation’s Healthcare & Public Health ISAC NH-ISAC Nationally Recognized ISAC for the Nation’s Healthcare & Public Health Critical Infrastructure Member of the National Council of Information Sharing & Analysis Centers (ISACs) – Representing all critical infrastructures Member of the National Healthcare Sector Coordinating Council (HSCC) Chairs the HSCC, Cybersecurity Working Group NH-ISAC MISSION The mission of the NH-ISAC is to enable, ensure and preserve the public trust by advancing protection of the nation’s public health and healthcare sector’s critical infrastructure via trusted cybersecurity threat and vulnerability monitoring, analysis, notification, countermeasure solutions, incident response and to foster and enable the availability of proven security and privacy governance, security awareness and workforce education. 4 – NH-ISAC Value Proposition

  18. NH-ISAC • NH-ISAC • Trusted entity established and sustained by the healthcare and public health owners and operators addressing critical infrastructure protection (physical/cyber), best practice and education • Helps government understand impacts for the HPH sector (policy, protection, education) • Provides to its constituency a 24/7 secure operating capability (information sharing/intelligence requirements for incidents, threats and vulnerabilities) responding to all aspects of security and “all hazards” including cross-sector interdependencies • Collects and provides comprehensive analysis and dissemination of alerts and incident reports, actual or potential sector disruptions extensively within the HPH sector membership, across sectors and with government • Supports national level exercises and sector-specific exercises • During events of national significance, NH-ISAC provides operation services such as risk mitigation, incident response and information sharing that protect the nation’s HPH critical infrastructure • NH-ISAC empowers business resiliency through security planning, disaster response and execution (24/7 threat warning, incident reporting capabilities critical to the success of protecting national critical infrastructures) • Working together, all ISACs have a track record of responding to and sharing actionable and relevant information more quickly than DHS and doing so in an accurate manner. 4 – NH-ISAC Value Proposition

  19. NH-ISAC Organizational Capacity • NH-ISAC National Advisory Council • Membership Collaboration / Defining Voice • NH-ISAC Framework • Cybersecurity Research - NH-ISAC Partnership (Global Institute Cyber Security Research) • Critical Information Security Notification System (NH-ISAC CISNS) • Increased Sector-Wide Knowledge via Early Notifications • Two-Way Information Sharing • Countermeasure Solutions • Secure Member Portal – In-Depth Analysis/Support • National and Sector-Specific Cybersecurity Exercises • Cybersecurity Best Practice Consulting • Health IT Information & Cyber Security Workforce Development & Certification • NH-ISAC Health IT Information Security Test Bed. NH-ISAC Framework (diagram labels): Policy Management, Audit Management, Risk Management, Business Continuity, Compliance Management, Threat Management, Best Practice Research, Incident Response, Workforce Education. 4 – NH-ISAC Value Proposition

  20. Healthcare & Public Health CIKR Cybersecurity Education CYBERSECURITY EDUCATION – SHAPING THE FUTURE In collaboration with NIST, US DHS, NSA, HHS, The National Healthcare Sector Coordinating Council (HSCC), The Global Institute for Cybersecurity + Research is leading development of National Critical Infrastructure (CIKR) Cybersecurity Education Frameworks. NH-ISAC is the lead for the Healthcare & Public Health sector. NATIONAL INITIATIVE FOR CYBERSECURITY EDUCATION (NICE) A national campaign to promote cybersecurity awareness, workforce education and digital literacy from our boardrooms to our classrooms – building and sustaining a cybersecurity workforce for the 21st century. This is your opportunity to have a defining voice and benefit from the resulting project education framework, curriculum, etc. http://www.nist.gov/nice 4 – NH-ISAC Value Proposition

  21. NH-ISAC Membership. Who Can Join the NH-ISAC? NH-ISAC membership is open to organizations that are in the healthcare and public health sector, are a US firm or corporation and have been accepted by the NH-ISAC Board of Directors. How is the NH-ISAC Funded? The NH-ISAC is 100% funded through the ISAC membership model. How do I Join the NH-ISAC? Contact NH-ISAC directly or access the Membership Application: http://www.nh-isac.org/NH-ISAC_Membership.html National Health ISAC (NH-ISAC), Exploration Park/Kennedy Space Center, One Spaceport Way, Cape Canaveral, FL 32902. Direct: 904-827-0290. 4 – NH-ISAC Value Proposition
