没有合适的资源?快使用搜索试试~ 我知道了~
健康医疗体系 网络安全.pdf
0 下载量 117 浏览量
2024-05-10
09:15:52
上传
评论
收藏 1.14MB PDF 举报
温馨提示
![preview](https://dl-preview.csdnimg.cn/89289557/0001-ad791df8dc5c52b468adacdaf8853b85_thumbnail.jpeg)
![preview-icon](https://csdnimg.cn/release/downloadcmsfe/public/img/scale.ab9e0183.png)
试读
40页
健康医疗体系 网络安全.pdf
资源推荐
资源详情
资源评论
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![doc](https://img-home.csdnimg.cn/images/20210720083327.png)
![](https://csdnimg.cn/release/download_crawler_static/89289557/bg1.jpg)
HEALTHCARE SYSTEM
CYBERSECURITY
Readiness & Response Considerations
Originally Published February 2021, Updated October 2022
![](https://csdnimg.cn/release/download_crawler_static/89289557/bg2.jpg)
HEALTHCARE SYSTEM CYBERSECURITY
READINESS & RESPONSE CONSIDERATIONS
PREPAREDNESS &
MITIGATION
PREPAREDNESS &
MITIGATION
RESPONSERECOVERY
2
QUICK LINKS
INTRODUCTION
As part of our nation’s critical infrastructure, healthcare facilities
large and small must be proactive and move quickly to protect
themselves from cyberattacks that could directly impact the
health and safety of patients and the community. According
to medical health experts experienced in cybersecurity
preparedness, cyberattacks have been identied as the top
threat in many healthcare systems’ annual hazard vulnerability
analyses (HVA). In response, the federal government, alongside
public and private sector partners, continues to work diligently
to defend against the growing number of cyberthreats on the
healthcare industry.
The U.S. Department of Health and Human Services (HHS)
Administration of Strategic Preparedness and Response (ASPR)
has sponsored the ASPR Technical Resources, Assistance
Center, and Information Exchange (TRACIE) since 2015.
The goal of ASPR TRACIE is to ll gaps in healthcare system
preparedness capabilities by providing timely, innovative ways
to share information and promising practices during planning
efforts. ASPR TRACIE designed this resource to help healthcare
facilities, and the systems they may be a part of, understand the
roles and responsibilities of stakeholders before, during, and
after a cyber incident.
1
The information included in this document is specically
related to the effects of a cyber incident on the healthcare
operational environment, and one that impacts the ability to
RELATED RESOURCES
Cybersecurity Resource Page
Cybersecurity Topic Collection
Cybersecurity TA Responses
Cybersecurity and Cyber
Hygiene (Issue 2 of
The Exchange)
Cybersecurity and Healthcare
Facilities (Webinar)
Healthcare System
Cybersecurity: Readiness &
Response Considerations
(Presentation) (Webinar)
Lessons Learned from the
Medstar Health System Outage
effectively care for patients and maintain business practices and readiness during such an event. While
the focus of this document is on disruptions associated with a large-scale cyerattack, many strategies and
principles outlined are relevant to a range of cybersecurity incidents and healthcare facilities.
This document covers general healthcare-related cybersecurity practices; however, additional resources that
cover more complex cybersecurity methods (e.g., those associated with medical devices) can be found in the
resources section and Appendix.
1
For purposes of this resource, a cyber incident is dened as “Actions taken through the use of an information system or network that
result in an actual or potentially adverse effect on an information system, network, and/or the information residing therein” (NIST).
![](https://csdnimg.cn/release/download_crawler_static/89289557/bg3.jpg)
HEALTHCARE SYSTEM CYBERSECURITY
READINESS & RESPONSE CONSIDERATIONS
PREPAREDNESS &
MITIGATION
PREPAREDNESS &
MITIGATION
RESPONSERECOVERY
3
QUICK LINKS
ASPR TRACIE created the following checklists for operational
use before, after, or during a cyberattack:
Hospital Downtime Operations Checklist
Hospital Downtime Preparedness Checklist
Cyber Incident Response Checklist
Cyber Incident System Restoration Checklist
QUICK LINKS
PREPAREDNESS AND MITIGATION ...................................4
IT Incident Planning................................................................4
Cybersecurity Readiness........................................................5
Routine Mitigation...................................................................5
IT Evaluations and Assessments...........................................12
Cybersecurity Exercises........................................................14
Downtime Principles..............................................................15
RESPONSE...........................................................................19
Incident Command Principles................................................19
Workforce Resilience.............................................................20
Response Downtime Procedures..........................................21
Downtime Forms ...................................................................21
Operational Considerations...................................................21
Personnel Adjustments..........................................................22
Clinical Promising Practices ..................................................23
Communication/Information Sharing .....................................24
Financial Promising Practices ................................................26
Safety Considerations ...........................................................26
Facility Security Considerations ............................................27
RECOVERY...........................................................................28
Financial Recovery................................................................29
Demobilization.......................................................................30
ACKNOWLEDGMENTS .......................................................31
APPENDIX ............................................................................36
This document focuses on
cybersecurity planning related to
the following key actions:
1. Ensure constant surveillance
of the system
2. Identify triggers and go to
immediate shut down and
escalation of issue
3. Communicate to
all stakeholders
4. Implement business
continuity processes
5. Implement downtime
recovery processes
![](https://csdnimg.cn/release/download_crawler_static/89289557/bg4.jpg)
HEALTHCARE SYSTEM CYBERSECURITY
READINESS & RESPONSE CONSIDERATIONS
PREPAREDNESS &
MITIGATION
PREPAREDNESS &
MITIGATION
RESPONSERECOVERY
4
QUICK LINKS
PREPAREDNESS AND MITIGATION
Healthcare facility cyber preparedness incorporates industry standard security practices alongside routine
exercises to assess readiness in an operational setting. In addition, regularly conducted and rigorous system
evaluations serve to further identify technical vulnerabilities in preparation for a possible cyber event.
IT Incident Planning
General mitigation efforts include understanding the threats and tactics used to target vulnerabilities within
a healthcare system. To keep abreast of imminent cyberthreats, and effectively secure critical assets and
functions, cybersecurity teams and relevant medical staff should monitor ofcial announcements for timely
information on cyber risks relevant to healthcare sector. To maintain situational awareness, healthcare facilities
can sign-up for, and regularly review, the following federal sites for up-to-date alerts and guidance:
• Health Sector Cybersecurity Coordination Center (HC3): Products
• HHS Healthcare and Public Health Sector: Highlights-Cybersecurity Edition
• HHS 405(d): Subscribe to The Post
• CISA: National Cyber Awareness System Bulletins/Reports; Sign-up for Alerts
• CISA: SHIELDS UP webpage
• CISA: Stop Ransomware webpage
To ensure readiness, healthcare facility information technology (IT) teams should incorporate basic IT
preparedness principles into planning protocol, including:
• Understand historical and current healthcare-related attacks and their subsequent lessons learned.
• Know the vulnerabilities that face your organization and have a threat remediation plan.
• Have an incident response plan and practice and update it regularly.
• Implement cybersecurity digital infrastructure checklists into operational protocols.
• Ensure enterprise and individual facilities, emergency managers, and IT teams plan collaboratively.
• Implement cyber hygiene programs and use cyber hygiene services and employee education drills to
prevent successful attacks.
• Identify clinical and non-clinical operational vulnerabilities within facilities.
• Identify and understand how to engage with critical external partners such as Healthcare Coalition
(HCC) stakeholders.
![](https://csdnimg.cn/release/download_crawler_static/89289557/bg5.jpg)
HEALTHCARE SYSTEM CYBERSECURITY
READINESS & RESPONSE CONSIDERATIONS
PREPAREDNESS &
MITIGATION
PREPAREDNESS &
MITIGATION
RESPONSERECOVERY
5
QUICK LINKS
Cybersecurity Readiness
Effective mitigation of cyberattacks relies on careful planning by the facility or health system’s IT team in
conjunction with facility leadership, providers, and ancillary departments. Comprehensive routine evaluations of
the facility, or health system, across departments and systems can provide insight into their interdependencies
and expose vulnerabilities that should be addressed.
A health system’s rst line of defense is the information system (IS) architecture that protects the infrastructure
and aims to reduce impact on core capabilities and functionality when an attack occurs.
• Within larger health systems, an enterprise-wide solution has likely been established by a team of skilled
clinical and non-clinical IT IS professionals. These solutions aim to insulate the system from attack and
limit its spread across multiple systems or applications.
• Medium and larger healthcare facilities should have proper security conguration management
protocols in place. The Health Sector Council Cybersecurity resource Cybersecurity Practices for Medium
and Large Health Care Organizations provides information specic to these entities.
• Separate, possibly smaller, associated facilities should ensure their IT cybersecurity processes are
in line with the enterprise system and follow the same security protocols and requirements. These
facilities should also ensure they can disconnect from central or enterprise systems, and run independently,
to both protect themselves and the main network should an incident occur. The Health Sector Council
cybersecurity resource for Small Healthcare Organizations provides information specic to supporting
smaller facilities.
• Implementing effective cyber hygiene practices is critical to securing an organization’s networks and
resources. Healthcare facilities with limited IT resources—in particular smaller facilities—may explore
free cybersecurity services and tools that are provided by federal agencies (e.g., the Cybersecurity
and Infrastructure Security Agency [CISA]), and the public and private sectors. To help identify system
vulnerabilities, evaluate resilience, and stay current on cyber practices, rural health centers can use
specially developed toolkits for hospitals and clinics in remote settings.
Routine Mitigation
Facilities should establish regular vulnerability scanning and continuous monitoring practices to ensure the
rapid identication of potential threats. As vulnerabilities are detected, they should be prioritized and remediated
using patch management, blocking, and other practices that are effective at addressing weaknesses within the
system. Investment in data backup and redundancy across the IT environment, including external mirroring, is
essential for protecting vulnerable systems.
Systems and Infrastructure Protection
• Improve early warning of potential incidents by implementing robust monitoring protocols. Map
healthcare IT business practices to data ow to inform monitoring requirements. Consider establishing
secondary monitoring capabilities as backup to the primary. Explore having a third-party IT consultant to
assist with 24/7 monitoring and incident reporting.
剩余39页未读,继续阅读
资源评论
![avatar-default](https://csdnimg.cn/release/downloadcmsfe/public/img/lazyLogo2.1882d7f4.png)
![avatar](https://profile-avatar.csdnimg.cn/68ef26bd67034c68b8d314222b3e4014_weixin_41429382.jpg!1)
百态老人
- 粉丝: 2211
- 资源: 2万+
上传资源 快速赚钱
我的内容管理 展开
我的资源 快来上传第一个资源
我的收益
登录查看自己的收益我的积分 登录查看自己的积分
我的C币 登录后查看C币余额
我的收藏
我的下载
下载帮助
![voice](https://csdnimg.cn/release/downloadcmsfe/public/img/voice.245cc511.png)
![center-task](https://csdnimg.cn/release/downloadcmsfe/public/img/center-task.c2eda91a.png)
安全验证
文档复制为VIP权益,开通VIP直接复制
![dialog-icon](https://csdnimg.cn/release/downloadcmsfe/public/img/green-success.6a4acb44.png)