U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

ENISA – The need for Incident Response Capabilities in the health sector

ENISA analyzed the current state of development of sectoral CSIRT capabilities in the health sector since the implementation of the NIS Directive. The European Union Agency for Cybersecurity (ENISA) published an analysis of the current state of development of sectoral CSIRT capabilities in the health sector since the implementation of the NIS Directive. An attack […]

ENISA health sector

ENISA analyzed the current state of development of sectoral CSIRT capabilities in the health sector since the implementation of the NIS Directive.

The European Union Agency for Cybersecurity (ENISA) published an analysis of the current state of development of sectoral CSIRT capabilities in the health sector since the implementation of the NIS Directive.

An attack against a hospital can lead to physical damages and put the lives of patients at risk. The Agency remarks the need to set up solid Incident Response Capabilities (IRC) in the health sector. The document aims at offering insights on current incident response (IR) trends and providing recommendations about the development of IR capabilities in the health sector.

In 2020, the number of reports sent to ENISA about cybersecurity incidents saw an increase of 47% compared to the previous year.

The level of exposure to cyber threats is increasing to the adoption of emerging technologies such as the Internet of Things (IoT), Artificial Intelligence (AI), big data, and cloud computing.

Computer Security Incident Response Teams (CSIRTs) are tasked to develop the capabilities needed to address cyber threats and implement the provisions of the Directive on security of network and information systems (NIS Directive).

“Although dedicated health sector CSIRTs are still the exception in the Member States, sector specific CSIRT cooperation is developing.” reads the report. “The lack of sector-specific knowledge or capacity of national CSIRTs, lessons learned from past incidents and the implementation of the NIS Directive appear to be the main drivers of the creation of sector-specific incident response capabilities in the health sector.”

While the lifetime of healthcare equipment is about 15 years on average, the pace of updates that are released by the vendors but in many cases, the healthcare devices remain unpatched for long periods. Another challenge the healthcare sector is faced with is the complexity of systems due to the increased number of connected devices is enlarging the attack surface.

Below is the list of recommendations included in the report:

  1. Enhance and facilitate the creation of health sector CISRTs by allowing easy access to funding, promoting capacity building activities, etc.
  2. Capitalise on the expertise of the health CSIRTs for helping Operators of Essential Services (OES) develop their incident response capabilities by establishing sector-specific regulations, cooperation agreements, communication channels with OES, public-private partnerships, etc.
  3. Empower health CSIRTs to develop information sharing activities using threat intelligence, exchange of good practices and lessons learned, etc.

“The key force driving the development of incident response capabilities of CSIRTs is the information related to security requirements and responsibilities of organisations for each sector.” concludes the report. “Shared frameworks for incident classification and threat modelling, education activities and a network allowing communication between incident response actors constitute the main resources and tools currently supporting the development of incident response capabilities.”

https://www.enisa.europa.eu/publications/csirt-capabilities-in-healthcare-sector

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Operation Cyclone)

[adrotate banner=”5″]

[adrotate banner=”13″]