NATIONAL HEALTH INFORMATION SHARING & ANALYSIS CENTER THE NATION’S HEALTHCARE & PUBLIC HEALTH...
-
Upload
clifford-montague -
Category
Documents
-
view
216 -
download
0
Transcript of NATIONAL HEALTH INFORMATION SHARING & ANALYSIS CENTER THE NATION’S HEALTHCARE & PUBLIC HEALTH...
NATIONAL HEALTH INFORMATION SHARING & ANALYSIS CENTER
THE NATION’S
HEALTHCARE & PUBLIC HEALTH SECTOR
INFORMATION SHARING & ANALYSIS CENTER
Information & Cybersecurity
Threat & Vulnerability Protection,
Best Practice & Education
NH-ISAC
HEALTHCARE & PUBLIC HEALTH CRITICAL INFRASTRUCTURE PROTECTION
EXECUTIVE OVERVIEW
1. National Critical Infrastructure and Key Resources (CIKR) Protection – Public/Private Partnership
2. Cybersecurity Overview – Threats/Vulnerabilities/Attacks
3. Protecting the Health & Public Health Sector
US Department of Health & Human Services, US DHS
Health Sector Coordinating Council – Government/Private Sector
National Health Information Sharing & Analysis Center (NH-ISAC)
4. NH-ISAC Membership – Value Proposition
Executive Overview Agenda
Homeland Security Presidential Directive 7 (HSPD-7) – National CIKR Protection
Sector-Specific Agency (SSA) Critical Infrastructures & Key Resources
Department Of AgricultureDepartment of Health & Human Services Agriculture & Food
Department of Defense Defense Industrial Base
Department of Energy Energy
Department of Health & Human Services Healthcare & Public Health
Department of the Interior National Monuments and Icons
Department of the Treasury Banking & Finance
Environmental Protection Agency Water
Department of Homeland Security (DHS)Office of Infrastructure Protection
Chemical / Commercial Facilities / DamsCritical Manufacturing /Emergency Services
Nuclear Reactors, Materials and Waste
DHS Office of Cybersecurity & Communications Information TechnologyCommunications
DHS Transportation Security Administration Postal and Shipping
DHS Transportation Security AdministrationUnited States Coast Guard Transportation Systems
DHS Immigration & Customs Enforcement, Federal Protective Service Government Facilities
National Infrastructure Protection Plan (NIPP) - After 9/11, 18 National Critical Infrastructures and Key Resources (CIKR) were identified for protection.
Presidential Directive (HSPD-7) – Established national Policy to identify and prioritize US critical infrastructures and key resources – protecting from terrorist attacks.
Recognizing that each infrastructure possessed its own unique characteristics and operating models, Sector-Specific Agencies (SSAs) were identified to develop sector CIKR protection plans.
Information Sharing & Analysis Centers (ISACs) - Federal departments (US DHS, FBI, etc.) and SSAs collaborate in a public/private partnership with sector-specific ISACs to encourage sector-specific mechanisms to monitor, identify, prioritize, analyze and coordinate sector protection (physical and cyber).
1 – CIKR Protection
DHS Information Sharing Environment (ISE) CIKR Components
Coordination & Governance / Risk MitigationRelationship Management / Information Exchange
Content Identification & Development
INFORMATION SHARING & ANALYSIS CENTERS (ISACs)
The definition of an ISAC is "a trusted, sector-specific entity which provides to its constituency a 24/7 Secure Operating Capability
that establishes the sector’s specific information/intelligence requirements for incidents, threats and vulnerabilities (two-2ay
information sharing). Based on its sector-focused subject-matter analytical expertise, the ISAC then collects, analyzes and
disseminates alerts and incident reports to its membership and helps the government understand impacts for its sector.”
ISAC Characteristics: Trusted Information Sharing & Analysis, Trusted Sector and Cross-Sector Relationships, Trusted Private
Sector Subject Matter Experts, International Reach
Protection Partnership / 2-Way Information Sharing - ISACs
1 – CIKR Protection
Coordinating Council
Federal Sector-Specific Agency (SSA)
Government Coordinating Council (GCC)
Critical Infrastructure
Sector Coordinating Council (SCC)
Information Sharing & Analysis Center (ISAC)
GCC/Government – Federal Depts. (DHS, etc.), Federal Agencies, State, City, County
SCC/Private Sector - Industry, Owner/Operators, Trade Associations, Standards Organizations, Academia, etc.
CIKR / SSA / Coordinating Council / ISAC – Collaborative Partnership
For each National Critical Infrastructure, a Federal Sector-Specific Agency (SSA) has a Coordinating Council
(Government/Private) working in a collaborative partnership with sector-specific Information Sharing & Analysis Centers
(ISACs).
Private Sector Critical Infrastructure & Key Resources(Owner/Operators, Industry, Academia, etc.)
1 – CIKR Protection
Communications ISAC (NCC), Electric Sector ISAC (IS-ISAC), Emergency Management & Response
ISAC (EMR-ISAC), Financial Services, ISAC, Health ISAC (NH-ISAC), Highway ISAC (First Observer), IT ISAC
NATIONAL COUNCIL OF ISACs
Maritime Security Council ISAC, Multi-State ISAC, Nuclear ISAC (NEI), Public Transportation ISAC (APTA), Real Estate ISAC, Research & Education Networking ISAC (REN-ISAC), Supply Chain ISAC
(SC-ISAC)
Surface Transportation ISAC (ST-ISAC), Water ISAC, Chemical Sector Coordinating Council, Defense Security Information Exchange, Oil and Natural Gas Coordinating Council, Partnership for Critical
Infrastructure Security, Regional Consortium Coordinating Council
National Council of ISACs
The mission of the Information
Sharing and Analysis Centers
Council (National Council of ISACs)
is to advance the physical and
cyber security of the critical
infrastructures of North America by
establishing and maintaining a
framework for valuable interaction
between and among the ISACs and
with government.
1 – CIKR Protection
http://www.isaccouncil.com/
National Health ISAC (NH-ISAC) – National Council of ISACs Member
1 – CIKR Protection
WHAT IS INFORMATION AND CYBER SECURITY?
•Prevents exploitation of information either in paper-based or electronic information systems
•Ensures confidentiality, integrity and availability of systems and data
•Includes restoring electronic information and communications systems in the event of a terrorists attack or natural disaster
WHAT IS CYBER INFRASTRUCTURE?
• Physical assets and virtual systems and networks that enable key capabilities and services in both the public and private sectors
IMPORTANCE OF CYBER INFRASTRUCTURE
• Information technology (IT) supports three (3) types of cyber infrastructures across the various CIKR sectors
1. Business Systems – Mission essential systems that are used to manage or support common business process and operations
2. Control Systems – Cyber systems used to monitor and control sensitive processes and physical functions (SCADA, HVAC, Environment Control Systems, Lab-Based Surveillance, Healthcare – Medical Devices, Monitors, Medical Equipment, etc. )
3. Safety, Security, Support and Other Specialty Systems – Cyber systems used to manage physical access or for alerting and notification purposes (Computerized alarm systems, electronic card readers, biometrics, radio frequency, identification (RFID), emergency alert systems, HAZMAT systems, etc.
• Protection of physical and cyber assets and interoperability is problematic due to the interconnected and interdependent nature of the nation’s critical infrastructures – especially the nation’s Healthcare and Public Health Sector.
Cybersecurity is much more than “User Names” and “Passwords”
Business Management Holds Responsibility for Security (Both Physical/Cyber)……………Technology Enables It.
2 – Cybersecurity
CYBER THREAT ISSUES / TRENDS
• Threats evolve quickly – as soon as one is identified and counter measures put in place, the threat can change or expand into new or multiple threats
• Hackers quickly acquire skills to launch attacks on US cyber infrastructures. Emergence of “hacker schools” online and abroad
• Hackers are selling their services to a wide variety of actors (criminals, terrorists, criminal organizations, nation states, disgruntled employees, contractors, etc. Anonymity of the Internet – Allows “hacker for hire services” into a complex black market
• Hacking techniques previously required specialized coding and programming knowledge. NOT ANY MORE – Less skilled users can now access free and commercially available hacking automated programs and tools
• The number of malicious hackers with the necessary skills continues to increase while the knowledge required for counter measures has decreased
Cyber Threats
2 – Cybersecurity
CYBER THREAT
Via an information system, any circumstance or event with the potential to adversely impact organizational
operations, assets (both physical and informational), individuals, other organizations, other critical infrastructures or
the Nation through an information system .
Cyber threats can affect and immediately impact – hospital operations to admit/treat patients, security systems,
environmental controls, insurance and medical billing claims technology, electronic records and personal data, supply
delivery and stockpiles, functionality of life sustaining equipment, public health data and emergency management
systems.
CYBER VULNERABILITIES
Weaknesses in physical or information systems, system security procedures, internal
controls, or implementation that could be exploited or triggered by a threat source.
CYBER THREAT ISSUES / TRENDS
Cyber vulnerabilities fall into three (3) categories:
People (Employees or those external to the organization)
Processes (Security Procedures)
Technology (Software, Additional Programs, Shared Networks, Badging Systems, etc.
IDENTIFYING VULNERABILITIES
Both the U.S. Computer Emergency Readiness Team, or the US-CERT, and the Information Sharing and Analysis Centers (ISACs), help stakeholders across all sectors identify and address vulnerabilities
Cyber Vulnerabilities
2 – Cybersecurity
Types of Cyber Attacks
Physical Facilities (Unauthorized Access, Environment/Emergency/Hospital Systems Disruption)
Denial of Service, Penetration Attacks, BotNET (Malicious Software Robots, Scareware ($$$ or Attack), Malicious Code, Unknown Program Installation, Database Attacks, Website Defacements, Multiple Coordinated Attacks, Wireless Network Exploits, Domain Name Server (DNS Attacks), Pirated Software/Intellectual Property, Unauthorized Access, etc.
Types of Cyber Attacks
Cyber Attack Categories
Natural or Inadvertent Attack – Accidents from Natural Disasters
Intentional Threats – Illegal or Criminal Acts (Insiders or Outsiders, Recreational/Criminal Hackers
Human Blunders – Errors, Omissions, Unintentional Human Actions
Hardware (Computers, Printers, Scanners, Servers, Communication Media)
Software (Applications, Special Programs, System Backups, Diagnostic Programs, Operating Systems, etc.
Data – In Storage (Rest), Transition (Transit) or Undergoing Modification (Change)
Medical Devices – Hacking into medical devices and injecting malicious code to disrupt lifesaving devices.
Smart Phone Attacks – Hacking personal information, emails, documents, applications
People – Users, Systems Administrators, Hardware and Software Manufacturers, Disgruntled Employees, Unauthorized Personnel
Documentation – User Information for Hardware/Software, Administrative Procedures, Policy Documents
Business and Personal Social Network Attacks – Stealing information about your behavior and lifestyle 2 – Cybersecurity
Cybersecurity – Protecting the Healthcare & Public Health (HPH) Sector
The HPH Sector is not only a domestic critical infrastructure, but a foreign one as well (i.e. supply chain dependencies, etc.)
The HPH Sector is diverse with no single impenetrable security system.
Attacks can impact organizational integrity, loss of business and financial systems, loss of data, medical equipment and device corruption, loss of
environmental systems, facility shutdown, etc.
Attacks can result in lawsuits, criminal, or regulatory compliance actions and fines for not having protective cybersecurity policies, measures and
technologies in place.
Measures (defined and documented plans, procedures, protective solutions/collaborative partnership) must be taken and implemented to
protect technologies, processes, computer networks, equipment, facilities, and the workforce from authorized access, threats, attacks or
vulnerabilities.
PROTECTING THE HPH SECTOR
The HPH Sector utilizes numerous technologies to provide the delivery of care and to
respond to emergencies and perform surveillance. Cybersecurity is increasingly becoming
more critical due to attacks to healthcare and other critical infrastructures and key
resources (CIKR) sectors.
3 – Protecting the HPH Sector
Health Coordinating Council
US Department of Health & Human Services (HHS)
Health Government Coordinating Council (HGCC) Health Sector Coordinating Council (HSCC)
National Health Sector Coordinating Council (HSCC)
WHAT IS THE HSCC?
The HSCC represents private sector interests and perspectives in the public-private effort to protect the national healthcare infrastructure. It is made up of representatives, organizations, trade associations, and professional societies who operate within the healthcare sector.
The HSCC has a dual mission to meet the specific needs of owners and operators and to also inform and influence government policies and actions with regard to infrastructure protection.
MISSION OF THE HSCC
To serve the needs of sector owners/operators and associations (constituent customers) in regard to preparing for responding to, and recovering from both significant hazards, including natural and manmade disasters, as well as national or regional health crises.
To advocate the interests of sector owner/operators and associations (constituent customers) to state and federal agencies and legislators in order to enhance government policies, plans and actions regarding infrastructure protection, preparedness, response and resilience.
3 – Protecting the HPH Sector
Organization of the HSCC
Executive Committee or Chairs
Tri-Chair Council – Encompasses a broad spectrum of leadership capabilities for the HSCC; full rotation every three (3) years
Sub-Councils/Members
All HSCC members fit into one of the six (6) of the following current sub-councils. Members can then be referred tom ore easily for input into working group projects or additional sectors initiatives
Direct Patient Healthcare Health Information and Medical Technology
Technology Health Plans and Payers Laboratories, Blood and Pharmaceuticals
Mass Fatality Management Services Medical Materials Coordinating Group
Working Groups
There are four (4) active working groups within the HSCC.
Joint Advisory Working Group (JAWG) Information Sharing Working Group (ISWG)
Risk Assessment Working Group (RAWG) Cybersecurity Working Group (GSWG)
Each of these groups address critical issues for the sector and interests of the HSCC members resulting in best practice deliverables.
3 – Protecting the HPH Sector
Cybersecurity Working Group (CSWG)
Directs the HPH sector’s cybersecurity analysis, education and awareness efforts, to include coordinating with other Critical Infrastructure Protection (CIP)
workgroups to provide cybersecurity expertise for the sector’s risk management objectives. Helps develop and vet cybersecurity situational reports,
determines best practices and makes recommendations toward cybersecurity standards for the HPH Sector.
CSWG Membership –
•US Health Human Services (HHS) –
Office of the Assistance Secretary for Preparedness and Response (ASPR), Centers for Disease Control and Prevention (CDC), Office of the National Coordinator (ONC)
•Department of Homeland Security –
Office of Infrastructure Protection (IP), National Cybersecurity Division ( NCSD)
•Department of Transportation
•National Health Information Sharing & Analysis Center (NH-ISAC)
•Private Sector Stakeholders within the HSCC
•Telecom Companies
•Other: State, Local and Tribal Healthcare Partners
NH-ISAC
Chair, Cybersecurity Working Group
Health Sector Coordinating Council (HSCC) – Cybersecurity Working Group (CSWG)
3 – Protecting the HPH Sector
Coordinating Council
National Health ISAC
US Department of Health & Human Services (HHS)
Health Government Coordinating Council (HGCC) Health Sector Coordinating Council (HSCC)
Private Sector Critical Infrastructure & Key Resources(Owner/Operators, Industry, Academia, etc.)
3 – Protecting the HPH Sector
Healthcare & Public Health Critical Infrastructure Protection
NH-ISAC MISSION
The mission of the NH-ISAC is to enable, ensure and preserve
the public trust by advancing protection of the nation’s public
health and healthcare sector’s critical infrastructure via
trusted cybersecurity threat and vulnerability monitoring,
analysis, notification, countermeasure solutions, incident
response and to foster and enable the availability of proven
security and privacy governance, security awareness and
workforce education.
NH-ISAC - The Nation’s Healthcare & Public Health ISAC
NH-ISAC
Nationally Recognized ISAC for the Nation’s Healthcare & Public Health Critical Infrastructure
Member of the National Council of Information Sharing & Analysis Centers (ISACs) – Representing all critical infrastructures
Member of the National Healthcare Sector Coordinating Council (HSCC)
Chairs the HSCC, Cybersecurity Working Group
4 – NH-ISAC Value Proposition
4 – NH-ISAC Value Proposition
NH-ISAC
• Trusted entity established and sustained by the healthcare and public health owners and operators
addressing critical infrastructure protection (physical/cyber), best practice and education
• Helps government understand impacts for the HPH sector (policy, protection, education)
• Provides to its constituency a 24/7 secure operating capability (information sharing/intelligence
requirements for incidents, threats and vulnerabilities) responding to all aspects of security and “all
hazards” including cross-sector interdependencies.
• Collects and provides comprehensive analysis and dissemination of alerts and incident reports, actual
or potential sector disruptions extensively within the HPH sector membership, across sectors and
with government
• Support national level exercises and sector-specific exercises
• During events of national significance, NH-ISAC provides operation services such as risk mitigation,
incident response and information sharing that protects the nation’s HPH critical infrastructure
• NH-ISAC empowers business resiliency through security planning, disaster response and execution.
(24/7 threat warning, incident reporting capabilities critical to the success of protecting national
critical infrastructures.
• Working together, all ISACs have a track record of responding to and sharing actionable and relevant
information more quickly than DHS and doing so in an accurate manner.
NH-ISAC
NH-ISAC Organizational Capacity
4 – NH-ISAC Value Proposition
NH-ISAC National Advisory Council
Membership Collaboration / Defining Voice
NH-ISAC Framework
Cybersecurity Research -
NH-ISAC Partnership - Global Institute Cyber Security Research)
Critical Information Security Notification System (NH-ISAC CISNS)
Increased Sector-Wide Knowledge via Early Notifications
Two-Way Information Sharing
Countermeasure Solutions
Secure Member Portal – In-Depth Analysis/Support
National and Sector-Specific Cybersecurity Exercises
Cybersecurity Best Practice Consulting
Health IT Information& Cyber Security Workforce Development & Certification
NH-ISAC Health IT Information Security Test Bed
AuditManagement
PolicyManagement
RiskManagement
ComplianceManagement
BusinessContinuity
ThreatManagement
IncidentResponse
WorkforceEducation
Best PracticeResearch
NH-ISACFramework
CYBERSECURITY EDUCATION – SHAPING THE FUTURE
NATIONAL INITIATIVE
FOR CYBERSECURITY EDUCATION (NICE)
A national campaign to promote cybersecurity awareness,
workforce education and digital literacy from our boardrooms to
our classrooms – building and sustaining a cybersecurity
workforce for the 21st century.
This is your opportunity to have a defining voice and benefit
from the resulting project education framework, curriculum, etc.
http://www.nist.gov/nice
Healthcare & Public Health CIKR Cybersecurity Education
In collaboration with NIST, US DHS, NSA, HHS, The National Healthcare Sector
Coordinating Council (HSCC), The Global Institute for Cybersecurity + Research is leading
development of National Critical Infrastructure (CIKR) Cybersecurity Education
Frameworks. NH-ISAC is the lead for the Healthcare & Public Health sector.
4 – NH-ISAC Value Proposition
NH-ISAC Membership
4 – NH-ISAC Value Proposition
Who Can Join the NH-ISAC?
H-ISAC Membership is open to organizations who are in the healthcare and public health sector, are a US firm or corporation and have been accepted by the NH-ISAC Board of Directors.
How is the NH-ISAC Funded?
The NH-ISAC is 100% funded through the ISAC membership model.
How do I Join the NH-ISAC?
Contact NH-ISAC directly or access the Membership Application: http://www.nh-isac.org/NH-ISAC_Membership.html
National Health ISAC (NH-ISAC)
Exploration Park/Kennedy Space Center
One Spaceport Way
Cape Canaveral, FL 32902
Direct: 904-827-0290