Topic Collection Cover Page

Cybersecurity
Topic Collection
April 1, 2026

Topic Collection: Cybersecurity

Recent cyberattacks on healthcare facilities have had significant effects on every aspect of patient care and operational continuity. They highlight the need for healthcare organizations of all sizes and types to implement cybersecurity best practices and conduct robust planning to improve cyber incident response and consequence management. As the number of cyberattacks on the healthcare sector increases, practitioners, facility executives, information technology professionals, and emergency managers must remain current on threats to their facilities and systems, as well as have robust downtime procedures to protect patients and staff. The resources in this Topic Collection can help stakeholders better protect against, mitigate, respond to, and recover from cyberattacks to ensure patient safety and operational continuity. 

Select examples/widely publicized cyberattacks are cited here due to the major impact they had on healthcare operations and clinical care delivery; however, it is important to note that references to these incidents are not exhaustive. Related information can be found in the Electronic Health Records and Downtime Procedures Topic Collection.

As the number and severity of incidents continues to grow, we encourage you to regularly review the information and alerts available on the following federal sites:

-Health Sector Coordinating Council Cybersecurity Working Group

-HHS 405(d): Subscribe to the Post

-CISA: National Cyber Awareness System-Bulletins, Alerts Subscription             

This Collection was refreshed in 2025. Each resource in this Topic Collection is placed into one or more of the following categories (click on the category name to be taken directly to that set of resources). Resources marked with an asterisk (*) appear in more than one category.

Sections Navigation

Toggle Open/Close

Must Reads

ASPR TRACIE. (2022). Healthcare System Cybersecurity: Readiness & Response Considerations (Document).
This resource can help healthcare facilities, and the systems they may be a part of, understand the roles and responsibilities of stakeholders before, during, and after a cyber incident.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
ASPR TRACIE. (2025). Cybersecurity Resource Page.
Recent cyberattacks on healthcare facilities have had significant effects on every aspect of patient care and organizational continuity. They highlight the need for healthcare organizations of all sizes and types to implement cybersecurity best practices and conduct robust planning and exercising for cyber incident response and consequence management. As the number of cyberattacks on this sector increases, healthcare practitioners, facility executives, information technology professionals, and emergency managers must remain current on the ever-changing nature and type of threats to their facilities, systems, patients, and staff. These resources can help stakeholders better protect against, mitigate, respond to, and recover from cyber threats, ensuring patient safety and operational continuity.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
ASPR TRACIE. (2025). Information Technology Failures and Cyber Incidents.
Cyber attacks on healthcare are increasingly common and increasingly disruptive. Intentional and non-malicious failures of both hardware and software can also result in the disruption of a facility or system’s information technology (i.e., downtime that affects components like electronic health records). This chapter concentrates on the impact of system downtime and includes considerations for systems mapping, mitigation, response, and recovery.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (n.d.). Shields Up. (Accessed 4/25/2025.)
Cyberattacks can have implications for cybersecurity across the globe. This website contains guidance for organizations, corporate leaders, individuals that can help prevent and respond to cyberattacks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Healthcare and Public Health Sector Coordinating Council, 405(d) Program. (n.d.). Hospital Resiliency Landscape Analysis. (Accessed 4/25/2025.) U.S Department of Health and Human Services.
This webpage provides results of a landscape analysis conducted through a partnership between the Health Sector Coordinating Council Cybersecurity Working Group and the Centers for Medicare and Medicaid Services. Information includes active threats identified, demographic background data, and key observations.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Healthcare and Public Health Sector Coordinating Council, Cybersecurity Working Group. (2025). HSCC Publications.
This webpage lists working group recommended cybersecurity publications by date and includes links to resources on operational continuity, telehealth and telemedicine cybersecurity, health industry tactical response, and information sharing.
Favorite:
1
You must Login to add a comment
  • luna sora Healthcare and Public Health Sector Coordinating Council’s Cybersecurity Working Group offers comprehensive publications vital for healthcare security. Covering telehealth cybersecurity and operational continuity, these resources set a gold standard many companies follow when designing healthcare software. By aligning with these guidelines, organizations like OSPLabs ensure robust protection of sensitive data and compliance with industry best practices.
    12/19/2024 6:37:04 AM
MITRE Corporation. (2022). Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook (Version 2.0).
This playbook presents a framework that can be used by healthcare organizations and stakeholders to plan for and respond to cybersecurity attacks on medical devices. It includes supplemental information specific to regional cyber preparedness and recommendations for conducting a hazard vulnerability analysis, asset inventory, and incident reporting.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Health Sector Cybersecurity Coordination Center (HC3). (2022). HC3 Products.
This health sector page provides access to HC3 and partner threat briefs, sector alerts, joint threat bulletins, and other cyber-related resources to help organizations maintain situational awareness of current cyber vulnerabilities and threats.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office for Civil Rights and Office of the National Coordinator for Health Information Technology. (2022). Security Risk Assessment (SRA) Tool.
The Security Risk Assessment tool was designed to help guide healthcare providers in small to medium-sized offices conduct risk assessments of their organizations’ HIPAA compliance. This webpage contains a user guide and tutorial video. Users can download the 156 question app to their computers or iPads.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office of Information Security. (n.d.). 405(d) Resource Library. (Accessed 4/25/2025.)
This webpage provides access to all the task group products, publications, and guidance material on health sector cyber-related materials, including cybersecurity practices for small, medium, and large healthcare organizations; phishing, malware, and ransomware factsheets; cyberthreat infographics; healthcare industry cybersecurity quick start guides; and security considerations and infographics for medical devices. Many 405(d) resources are also available in Spanish: https://405d.hhs.gov/spanish
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Homeland Security. (n.d.). Healthcare and Public Health Cybersecurity. (Accessed 4/25/2025.) U.S. Department of Homeland Security.
This webpage provides information on tools, resources, and training that are focused on healthcare cybersecurity preparedness priorities, including references to cyber hygiene, strengthening cybersecurity efforts, and addressing resource constraints.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Food and Drug Administration, Center for Devices and Radiological Health. (2021). Best Practices for Communicating Cybersecurity Vulnerabilities to Patients.
This document was developed to assist healthcare professionals, industry partners, and federal partners communicate information about cybersecurity vulnerabilities. It contains best practices and tips for creating clear, concise, and easy to consume messaging to patients and the public.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments

Education and Training

Administration for Strategic Preparedness and Response. (2026). Strengthening Healthcare Cyber Resilience: RISC 2.0 Cybersecurity Module. (Free registration necessary.) U.S. Department of Health and Human Services.
In this webinar, experts provide a summary of the RISC 2.0 tool, then provide an in-depth overview of the new cybersecurity module and explain how the new RISC 2.0 Cybersecurity Module can help hospitals and other health care facilities assess vulnerabilities and fill gaps in cyber defenses. The RISC 2.0 Cybersecurity Module guides users through targeted questions on policies, controls, and practices, and scores their responses against National Institute of Standards and Technology Cybersecurity Framework 2.0 and HPH Cybersecurity Performance Goals.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
American Hospital Association. (2023). CLEAR Crisis Leadership Series: Cyber Preparedness Discussion.
This video is the third of a five-part series of moderated discussions with healthcare executives on key leadership skills and competencies in crisis management. Here speakers share their insights on how healthcare can prepare for and respond to cyberattacks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
ASPR TRACIE. (2025). Information Technology Failures and Cyber Incidents.
Cyber attacks on healthcare are increasingly common and increasingly disruptive. Intentional and non-malicious failures of both hardware and software can also result in the disruption of a facility or system’s information technology (i.e., downtime that affects components like electronic health records). This chapter concentrates on the impact of system downtime and includes considerations for systems mapping, mitigation, response, and recovery.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Association of Healthcare Emergency Preparedness Professionals. (2020). Cybersecurity in Healthcare.
Benjamin Gilbert provides recommendations for managing challenges related to healthcare cybersecurity (e.g., high recovery costs, hiring cybersecurity staff, and protecting the sensitivity of patient information). Gilbert also covers threat vectors, methodology of cyberattacks, and protective measures health care organizations can take to prepare their IT systems and facilities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
CyberMed Summit. (2024). CyberMed Summit.
This collection of recorded conference sessions and videos summarize the CyberMed Summit’s 2024 speaker series that included federal agencies, policy, and industry professionals discussing clinically focused cybersecurity needs and current efforts to secure organizations in the healthcare sector.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (n.d.). CISA Tabletop Exercises Packages (CTEPS). (Accessed 4/25/2025.)
The CISA resources provided on this page can assist stakeholders and partners with conducting their own training exercises on a variety of cybersecurity and physical security scenarios including ransomware, insider threats, phishing scams, active shooter, and improvised explosive devices.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (n.d.). Cybersecurity Training and Exercises. (Accessed 4/25/2025.)
This webpage provides a variety of cyber-related training and education resources for federal employees, private industry professionals, and critical infrastructure operators (e.g., certification prep courses, cyber defense skills, and incident response training).
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Eichelberg, M., Kleber, K., Kammerer, M. (2020). Cybersecurity Challenges for PACS and Medical Imaging. Academic Radiology. 27(8): 1126-1139.
This article reviews five cyber-attack scenarios impacting PACS and medical imaging networks, including a discussion of countermeasures and preventive actions that can be taken to mitigate risks in this type of hospital threat environment.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Health Sector Coordinating Council Cybersecurity Working Group. (2023). Cybersecurity for the Clinician (Video Training Series). (Free registration required.)
The “Cybersecurity for the Clinician” video training series is comprised of eight videos, for a total of 47 minutes (eligible for one credit hour). Speakers explain in easy, non-technical language what clinicians and students in the medical profession need to understand about how cyber attacks can affect clinical operations and patient safety, and how to help keep healthcare data, systems and patients safe from cyber threats.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments
Health- Information Sharing and Analysis Center (H-ISAC). (n.d.). Health Industry Cybersecurity Practices- Videos. (Accessed 4/25/2025.)
This resource provides information on cost-effective strategies that can be use by a range of healthcare organizations to reduce cybersecurity risks. Practical guidance includes training videos on email protection, asset management, endpoint protection, and network management, among others that are available towards the bottom of the webpage.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments
National Computer Forensics Institute (NCFI). (n.d.). NCFI Courses. (Accessed 4/25/2025.)
The NCFI is a federally funded training center established to educate state and local officials in cyber-related crime investigations, trends, and investigative methods. Courses include training on ransomware investigations, business email compromise, and incidence response cyber team coordination for first responders, law enforcement, and local government personnel.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Initiative for Cybersecurity Careers and Studies. (2025). NICCS Education and Training Catalog. Cybersecurity and Infrastructure Security Agency.
From this webpage, visitors can search for offered trainings by focus area, offering entity, level of training, location of training, and other factors as well as access various on-line training sites.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Institute of Standards and Technology. (2022). Federal Information Security Educators (FISSEA).
This organization’s webpage provides information on federal information security training and cybersecurity awareness programs, including upcoming events and past programs.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Institute of Standards and Technology. (2025). National Initiative for Cybersecurity Education (NICE Framework).
The NICE initiative was developed as a partnership between government, academia, and private industry to promote cybersecurity education, training, and workforce development. This webpage provides links to information on the framework, cybersecurity training and how to get involved in network efforts. The ‘Online Learning Content’ page includes links to professional development training, tools, and various specific cybersecurity educational materials.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Institute of Standards and Technology, National Cybersecurity Center of Excellence (NCCoE). (2021). NCCoE Learning Series Fireside Chat: Improving the Cybersecurity Posture of Healthcare Delivery Organizations.
This webinar recording examines guidance on securing critical technical aspects of the healthcare environment such as EHR, medical devices, telehealth, patient monitoring, and PACS systems, and highlights best practices for engaging the public and private sector.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S Department of Health and Human Services, Office of the Chief Information Officer. (2020). Security Awareness and Training.
This website includes a comprehensive list of the (OCIO) information security and role-based training resources that includes topics such as phishing, executive and managerial training, and IT administration.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office for Civil Rights. (2023). HHS Policy for Rules of Behavior for Use of Information & IT Resources.
These rules apply to government employees, contractors, and other system users and must be read by all new users prior to accessing HHS data, systems, or networks. The policies may serve as a helpful template for private sector entities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* U.S. Department of Homeland Security. (n.d.). Healthcare and Public Health Cybersecurity. (Accessed 4/25/2025.) U.S. Department of Homeland Security.
This webpage provides information on tools, resources, and training that are focused on healthcare cybersecurity preparedness priorities, including references to cyber hygiene, strengthening cybersecurity efforts, and addressing resource constraints.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
University of California San Francisco, Stanford Center of Excellence in Regulatory Science and Innovation (CERSI). (2025). Cybersecurity Seminar Series.
This monthly speaker series is comprised of one-hour lectures on an array of cybersecurity topics including medical device security, biomedical engineering and manufacturing safety, and regulatory information.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Valderrama, A., Lee, S., Batts, D., et al. (2016). Healthcare Organization and Hospital Discussion Guide For Cybersecurity. Centers for Disease Control and Prevention.
Healthcare facility staff can use this document--presented as a discussion-based exercise--to identify their cybersecurity challenges, needs, and strengths.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments

Guidance

* Administration for Strategic Preparedness and Response. (2023). HPH Cybersecurity Framework Implementation Guide (Version 2). U.S. Department of Health and Human Services.
This healthcare and public health sector guide is a web-based version of the HPH framework outlining how healthcare organizations can implement the NIST Cybersecurity Framework to improve their cybersecurity preparedness posture and manage ongoing cyber threats.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Administration for Strategic Preparedness and Response. (2024). Health Care Preparedness and Response Capabilities for Health Care Coalitions. U.S. Department of Health and Human Services.
This guidance document, formerly titled the "2017-2022 Health Care Preparedness and Response Capabilities" provides information on what health care delivery systems, healthcare coalitions, and emergency medical services can do to prepare for and respond to emergencies impacting healthcare operations. This includes specific sections dedicated to continuity of operations, protecting healthcare information, patient data, and networks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
American Hospital Association. (2021). Cybersecurity and Risk Advisory.
This webpage is sponsored by the American Hospital Association and includes links to resources (e.g., webinars, tools, and fact sheets) stakeholders can use to protect their healthcare facilities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
American Hospital Association. (2025). CLEAR Crisis Leadership Tip Sheets. (Accessed 5/5/2025.)
This set of tip sheets highlights strategies for healthcare leaders faced with a variety of emergencies (e.g., natural disasters, cyberattacks, mass casualty incidents). Each tip sheet presents relevant examples to enhance hospitals’ and health systems’ preparedness and response capabilities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
ASPR TRACIE. (2016). The Exchange, Issue 2: Cybersecurity and Cyber Hygiene. United States Department of Health and Human Services, Office of the Assistant Secretary for Preparedness and Response.
This issue of the newsletter focuses on cybersecurity events and cyber hygiene.
Favorite:
2
You must Login to add a comment
  • This item doesn't have any comments
* ASPR TRACIE. (2022). Healthcare System Cybersecurity: Readiness & Response Considerations (Document).
This resource can help healthcare facilities, and the systems they may be a part of, understand the roles and responsibilities of stakeholders before, during, and after a cyber incident.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Bhuyan, S., Kabir, U., Escareno, J.M., et al. (2019). Transforming Healthcare Cybersecurity from Reactive to Proactive: Current Status and Future Recommendations.
This paper reviews the major cyber threats facing healthcare organizations, the role of cyber attackers, cyber defenders, developers, and end-users in cybersecurity. It includes recommendations for policy makers and healthcare organizations to mitigate these threats.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cawthra, J., Grayson, N., Pulivarti, R., et al. (2022). Securing Telehealth Remote Patient Monitoring Ecosystem (SP 1800-30). National Institute of Standards and Technology, U.S. Department of Commerce.
This practice guide provides insight into vulnerabilities associated with Remote Patient Monitoring (RPM) systems within healthcare organizations. Collaborating with telehealth and technology partners, and healthcare leadership, NIST identified risks and solutions for improving telehealth cybersecurity practices.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cawthra, J., Hodges, B., Kuruvilla, J., et al. (2020). Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector (SP 1800-24). National Institute of Standards and Technology, U.S. Department of Commerce.
The PACS ecosystem was analyzed to identify risks and vulnerabilities, as well as standards available to safeguard systems, using commercially available tools, to improve resilience and patient privacy.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Cichonski, P., Millar, T., Grance, T., and Scarfone, K. (2021). Computer Security Incident Handling Guide (NIST SP 800-61). National Institute of Standards and Technology, U.S. Department of Commerce.
This publication can help agencies establish computer security incident response capabilities and ensure that incidents are handled efficiently and effectively. Note: NIST resource details show this publication was last updated in 2021, though not reflected in the document
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Cybersecurity and Infrastructure Security Agency. (n.d.). Resources for State, Local, Tribal, and Territorial Government. (Accessed 4/25/2025.)
This CISA webpage provides direct links to resources relevant for SLTT cyber planning needs. These include geographic specific resources by state, best practice (case studies), and an SLTT cyber toolkit to assist in understanding the threat environment, evaluating current programs, and understanding the five Cybersecurity Framework Function Areas.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Cybersecurity and Infrastructure Security Agency. (n.d.). Shields Up. (Accessed 4/25/2025.)
Cyberattacks can have implications for cybersecurity across the globe. This website contains guidance for organizations, corporate leaders, individuals that can help prevent and respond to cyberattacks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Cybersecurity and Infrastructure Security Agency. (n.d.). Stop Ransomware. (Accessed 4/25/2025.)
This CISA resource page is the government’s “one-stop-shop” for ransomware information, guidance, and available services. The site specifically provides links to critical ransomware guides, checklists, alerts, and factsheets. It includes information on who to contact and how to report an incident, trainings, current campaigns, and other partner/stakeholder information.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (2022). Sharing Cyber Event Information: Observe, Act, Report.
This tip sheet provides information on sharing of cyber-related events in accordance with CISA requirements. It contains guidance to clarify what type of information should be shared, with whom, under what circumstances, and what to expect once an incident is reported.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Federal Bureau of Investigation. (n.d.). Internet Crime Complaint Center IC3. (Accessed 4/25/2025.)
This FBI cybercrime homepage outlines how, when, and who to report a cyber incident to, links to additional resources such as annual reports, industry alerts, and ransomware information, as well as answers FAQs.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Federal Bureau of Investigation. (2025). The Cyber Threat.
This webpage provides an overview of cybercrime tips and areas of concern related to FBI investigations. This includes links to additional reporting guidance and information on current threats and alerts.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Federal Communications Commission, Department of Homeland Security, National Cyber Security Alliance, Chamber of Commerce. (n.d.). Cybersecurity Planning Guide. (Accessed 4/25/2025.)
This planning guide, created in partnership with other agencies and subject matter experts, was designed to assist small businesses, with limited cybersecurity resources, incorporate cyber preparedness and risk assessment activities into their organizations. It includes a list of action items, policy considerations, and best practices.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Health Sector Coordinating Council Cybersecurity Working Group. (2024). Health Industry Cybersecurity Strategic Plan 2024-2029.
This plan was created for organizations throughout the healthcare ecosystem to help them implement foundational cybersecurity programs that address the operational, technological, and governance challenges posed by significant healthcare industry trends over the next five years.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Health Sector Cybersecurity Coordination Center (HC3). (2019). A Cost Analysis of Healthcare Sector Data Breaches.
This report highlights the cost of data breaches on healthcare facilities and how these costs are computed. Steps for mitigating risks are included, along with links to related resources.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Healthcare and Public Health Sector Coordinating Council, 405(d) Program. (n.d.). Hospital Resiliency Landscape Analysis. (Accessed 4/25/2025.) U.S Department of Health and Human Services.
This webpage provides results of a landscape analysis conducted through a partnership between the Health Sector Coordinating Council Cybersecurity Working Group and the Centers for Medicare and Medicaid Services. Information includes active threats identified, demographic background data, and key observations.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Healthcare and Public Health Sector Coordinating Council, Cybersecurity Working Group. (2023). Health Industry Cybersecurity Supply Chain Risk Management Guide (HIC-SCRiM-2023)..
This toolkit can help smaller to mid-sized healthcare organizations manage product and services supply chain cybersecurity risk.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Healthcare and Public Health Sector Coordinating Council, Cybersecurity Working Group. (2025). HSCC Publications.
This webpage lists working group recommended cybersecurity publications by date and includes links to resources on operational continuity, telehealth and telemedicine cybersecurity, health industry tactical response, and information sharing.
Favorite:
1
You must Login to add a comment
  • luna sora Healthcare and Public Health Sector Coordinating Council’s Cybersecurity Working Group offers comprehensive publications vital for healthcare security. Covering telehealth cybersecurity and operational continuity, these resources set a gold standard many companies follow when designing healthcare software. By aligning with these guidelines, organizations like OSPLabs ensure robust protection of sensitive data and compliance with industry best practices.
    12/19/2024 6:37:04 AM
HHS 4D. (2024). Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP 2023 Edition).
This report outlines the primary cybersecurity threats facing the health care sector and can help organizations of all sizes access resources and best practices geared towards preparing for and responding to threats that can impact patient safety.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Independent Security Evaluators. (2016). Securing Hospitals: A Research Study and Blueprint.
The authors describe research conducted on a variety of hospital and healthcare-related infrastructures and systems; identify industry-specific challenges; and create a blueprint for improving healthcare facility security.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Indiana Cybersecurity Hub. (2023). Healthcare Cyber in a Box 2.1. Indiana State Government.
This free downloadable resource provides three levels of guidance on implementing cybersecurity activities in a healthcare setting. Included are recommendations and best practices collected from security experts to help keep digital and physical infrastructures safe.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Johnson, C., Badger, L., and Waltermire, D., et al. (2016). Guide to Cyber Threat Information Sharing (NIST SP 800-150). National Institute of Standards and Technology, U.S. Department of Commerce.
This publication can help cyber professionals in the healthcare system establish and participate in cyber threat information sharing relationships. It contains information on developing information sharing goals, identifying threat sources, engaging with existing information sharing communities, and effectively using threat information, which can help health systems share threat information in a structured fashion.
Favorite:
2
You must Login to add a comment
  • This item doesn't have any comments
Kelly, B.S., Quinn, C., Belton, N., et al. (2023). Cybersecurity Considerations for Radiology Departments Involved with Artificial Intelligence. European Radiology. 33(12): 8833-8841.
This article reviews specific cybersecurity risks and challenges related to the use of artificial intelligence in healthcare radiology settings. Included are overviews of detection and prevention techniques and strategies to reduce cyber risks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Association of County and City Health Officials. (2024). Local Health Departments: Instrumental Partners in Cybersecurity Preparedness.
This factsheet highlights strategies and tactics local health departments (LHDs) can use when partnering with their IT counterparts to identify, prepare for, and mitigate potential cybersecurity disruptions. It includes both planning and response considerations and identifies possible barriers and solutions for LHDs to implement.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Rural Health Resource Center. (2020). Cybersecurity Toolkit for Rural Hospitals and Clinics.
The toolkit can help rural healthcare facilities develop a cybersecurity program focused on awareness, assessment, implementation & remediation, and education.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Security Agency. (2022). Cybersecurity Technical Report: Network Infrastructure Security Guide.
This document provides updated guidance on securing networks against changing and evolving vulnerabilities, specifically it outlines new security features and methods to be considered. It reviews the Zero Trust model, improper system configurations, authentication, and security maintenance- among others.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Tully, J., Selzer, J., Phillips, J., et al. (2020). Healthcare Challenges in the Era of Cybersecurity. (Abstract only.) Health Security. 18(3):228-231.
This paper discusses the expansion of technology into healthcare operations, the challenges associated with such integration, and future recommendations for mitigation of growing cyber threats against health systems.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services. (2023). Healthcare and Public Health Sector -Specific Cybersecurity Performance Goals.
This document contains the HHS-developed cybersecurity performance goals which can help healthcare organizations prioritize and plan for critical cyber preparedness activities. Goals are categorized as essential and enhanced, with each category containing key information on the activities and resources needed to ensure infrastructure resilience.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services. (2023). Healthcare Sector Cybersecurity: Introduction to the Strategy of the U.S. Department of Health and Human Services.
This paper provides an overview of HHS’ proposed framework to help the health care sector address cybersecurity threats and protect patients while focusing on four steps: 1) Establish voluntary cybersecurity performance goals for the healthcare sector; 2) Provide resources to incentivize and implement these cybersecurity practices; 3) Implement an HHS-wide strategy to support greater enforcement and accountability; and 4) Expand and mature the one-stop shop within HHS for healthcare sector cybersecurity.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services. (2025). HHS Cyber Gateway.
This webpage includes links to the most current, relevant resources that highlight best practice guidance, education, threat specific intelligence, and more geared towards healthcare and public health stakeholders.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office for Civil Rights. (n.d.). HIPAA Security Rule Guidance Material. (Accessed 4/25/2025.)
This webpage assists healthcare professionals find information about the HIPAA Security Rule and provides links to other standards and resources on safeguarding electronic protected health information.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office for Civil Rights. (2021). Cyber Security Guidance Material. U.S. Department of Health and Human Services.
This website includes educational materials specifically designed to give HIPAA covered entities and business associate’s insight into how to respond to a cyber-related security incidents for professionals. This includes a cybersecurity checklist, infographic, ransomware guidance, NIST cyber framework information, and links to the Office of Civil Rights (OCR) cyber awareness newsletters.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office of Information Security. (n.d.). 405(d) Resource Library. (Accessed 4/25/2025.)
This webpage provides access to all the task group products, publications, and guidance material on health sector cyber-related materials, including cybersecurity practices for small, medium, and large healthcare organizations; phishing, malware, and ransomware factsheets; cyberthreat infographics; healthcare industry cybersecurity quick start guides; and security considerations and infographics for medical devices. Many 405(d) resources are also available in Spanish: https://405d.hhs.gov/spanish
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* U.S. Department of Health and Human Services, Office of the Assistant Secretary for Preparedness and Response. (2023). Technical Volume 1: Cybersecurity Practices for Small Health Care Organizations.
This document highlights cybersecurity practices for small health care organizations, which do not traditionally have the resources needed for dedicated information technology staff.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* U.S. Department of Homeland Security. (n.d.). Healthcare and Public Health Cybersecurity. (Accessed 4/25/2025.) U.S. Department of Homeland Security.
This webpage provides information on tools, resources, and training that are focused on healthcare cybersecurity preparedness priorities, including references to cyber hygiene, strengthening cybersecurity efforts, and addressing resource constraints.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Justice, Cybersecurity Unit. (2015). Best Practices for Victim Response and Reporting of Cyber Incidents.
This document provides planning and response guidance based on lessons learned by federal prosecutors while handling cyber investigations and prosecutions. The authors drafted the document with smaller organizations (with fewer resources) in mind, but larger organizations should also find it useful.
Favorite:
4
You must Login to add a comment
  • This item doesn't have any comments
Wani, T.A., Mendoza, A., Gray, K. (2020). Hospital Bring-Your-Own-Device Security Challenges and Solutions: Systematic Review of Gray Literature. JMIR Publications Advancing Digital Health and Open Science. 8(6): e18175.
This article reviews the growing risks hospitals face with the increased use of personal mobile devices in healthcare settings. Included in the discussion are challenges faced, technical solutions, and recommended policy controls to mitigate risks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments

Incident Management

American Hospital Association (AMA). (2025). Cybersecurity Incident Preparedness and Response.
This webpage includes a compiled list of healthcare incident preparedness and response resources, including key lessons learned, regional cyber response guidance, and federal response support services.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Bartock, M., Cichonski, J., Souppaya, M., et al. (2016). Guide for Cybersecurity Event Recovery (NIST SP 800-84). National Institute of Standards and Technology, U.S. Department of Commerce.
The authors provide guidance for cyber attack recovery planning and emphasize the importance of learning from past events and developing, testing, and improving recovery planning. This document includes an example scenario that demonstrates guidance and informative metrics that may be helpful for improving information systems resilience.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments
* Cichonski, P., Millar, T., Grance, T., and Scarfone, K. (2021). Computer Security Incident Handling Guide (NIST SP 800-61). National Institute of Standards and Technology, U.S. Department of Commerce.
This publication can help agencies establish computer security incident response capabilities and ensure that incidents are handled efficiently and effectively. Note: NIST resource details show this publication was last updated in 2021, though not reflected in the document
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Cybersecurity and Infrastructure Security Agency. (2021). Cybersecurity Incident and Vulnerability Response Playbooks: Operational Procedures for Planning and Conducting Cybersecurity Incident and Vulnerability Response Activities in FCEB Information Systems.
This CISA resource contains two playbooks, one for incident response and the other for vulnerability response. Each one contains standards and protocol to help identify, coordinate, remediate, and recover from possible cyber incidents as well as identified vulnerabilities known to affect federal agencies, their systems, data, and networks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Health Sector Coordinating Council Cybersecurity Working Group. (2024). From Panic to Plan: Executive Strategies for Handling Cybersecurity Incidents.
Healthcare executives can incorporate the considerations in this document to support informed and swift decision-making during and after a cybersecurity incident. Strategies are listed under incident response, business continuity, and communication headings; links to related resources are provided.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Healthcare and Public Health Sector Coordinating Council, Cybersecurity Working Group. (2025). HSCC Publications.
This webpage lists working group recommended cybersecurity publications by date and includes links to resources on operational continuity, telehealth and telemedicine cybersecurity, health industry tactical response, and information sharing.
Favorite:
1
You must Login to add a comment
  • luna sora Healthcare and Public Health Sector Coordinating Council’s Cybersecurity Working Group offers comprehensive publications vital for healthcare security. Covering telehealth cybersecurity and operational continuity, these resources set a gold standard many companies follow when designing healthcare software. By aligning with these guidelines, organizations like OSPLabs ensure robust protection of sensitive data and compliance with industry best practices.
    12/19/2024 6:37:04 AM
* MITRE Corporation. (2022). Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook (Version 2.0).
This playbook presents a framework that can be used by healthcare organizations and stakeholders to plan for and respond to cybersecurity attacks on medical devices. It includes supplemental information specific to regional cyber preparedness and recommendations for conducting a hazard vulnerability analysis, asset inventory, and incident reporting.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Texas, Arkansas, Louisiana, Oklahoma, New Mexico (TALON) Cyber Working Group. (n.d.). Extended Downtime: Medical Essential Elements of Information. (Contact ASPR TRACIE for access to this document.)
This slide deck provides information on consequence management during an extended cyber event impacting large portions of healthcare operations. Information includes understanding what Essential Elements of Information (EEIs) are critical during a cyber incident and outlines considerations for hospital diversion/evacuation, and long-term recovery needs.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Department of Defense, Defense Technical Information Center, Information Analysis Center. (2022). DOD Cybersecurity Policy Chart.
This chart presents cybersecurity-related policies, legal authorities, and documents in a color-coded schema for quick reference to identify relevant strategies and resources that can help prepare for and respond to cyber threats. While created by and for the Department of Defense, the information can be applied to healthcare and other critical infrastructure.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
HHS 405(d).. (2022). Legal Implications of a Cyber-Attack.
This webpage, developed by partners in the 405(d) program, provides information on the legal impacts and authorities that should be considered during and after a cyberattack in a healthcare setting. This includes overviews of what laws apply and why, as well as what obligations and responsibilities organizations should be made aware of.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
The Federal Register. (2021). Improving the Nation’s Cybersecurity.
This executive order (14028), aims to improve federal efforts to identify, deter, detect, protect against, and respond to increasingly ‘sophisticated malicious cyber campaigns. Key points include removing barriers to information sharing between government and private sector; modernizing and strengthening cybersecurity standards within the Federal government; improving software supply chain security; standardizing cybersecurity response playbooks; and improving investigation and remediation capabilities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* U.S. Department of Health and Human Services, Office for Civil Rights. (2020). HIPAA for Professionals: The Security Rule.
Cybersecurity professionals can locate information about HIPAA rules, guidance on compliance, the Office for Civil Rights’ enforcement activities, frequently asked questions, and more on this webpage.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
United States Congress. (2022). Strengthening American Cybersecurity Act of 2022- S.3600.
This legislative package, a combination of three bills (the Federal Information Security Modernization Act, the Cyber Incident Reporting Act; and the Federal Secure Cloud Improvement and Jobs Act) focuses on improving cyber incident reporting obligations, modernizing cyber capabilities, and securing cloud adoption. Importantly, new reporting requirements would mandate reporting of any substantial cyber incidents by all federal civilian agencies to CISA within 72 hours.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments

Lessons Learned

American Hospital Association. (2025). Cybersecurity: Lessons Learned from Ransomware Attack with UVM Health.
This recording captures a discussion with the University of Vermont Medical Center president, Chief Operating Officer and Chief Medical Information Officer on lessons learned during a major ransomware attack on their facility in the Fall of 2020.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
ASPR TRACIE. (2016). Cybersecurity and Healthcare Facilities. U.S. Department of Health and Human Services, Office of the Assistant Secretary for Preparedness and Response.
Cybersecurity is a critical issue facing the ASPR TRACIE audience. In this webinar, a distinguished panel of experts describe lessons learned from recent experiences, planning considerations, and steps the federal government is taking to address cybersecurity and cyber hygiene.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments
ASPR TRACIE. (2021). Healthcare System Cybersecurity Response: Experiences and Considerations (Webinar).
Speakers from healthcare facilities share their experiences and tangible lessons learned from responding to cybersecurity incidents.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
ASPR TRACIE. (2022). Healthcare Cybersecurity Select Lessons Learned.
This ASPR TRACIE TA response includes information on high-profile healthcare cyberattacks over the past five years in the U.S., to include resources and details on the associated impacts and lessons learned for clinical care delivery.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (n.d.). Cyber Storm: Securing Cyber Space. (Accessed 4/25/2025.)
Cyber Storm is the U.S. Department of Homeland Security’s biennial cybersecurity exercise. This webpage includes highlights and lessons learned from exercises and links for more information.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Ghafur, S., Kristensen, S., Honeyford, K., et al. (2019). A Retrospective Impact Analysis of the WannaCry Cyberattack on the NHS. NPJ Digital Medicine 2(98).
This paper summarizes the large-scale effects of the WannaCry cyberattack on the U.K National Health Service and the overarching lessons learned that have become relevant to health systems across the globe. It highlights economic, operational, and strategic outcomes including disruptions to clinical care, financial losses, and workforce impacts.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
He, Y., Aliyu, A., Evans, M., et al. (2021). Health Care Cybersecurity Challenges and Solutions Under the Climate of COVID-19: Scoping Review. Journal of Medical Internet Research. 23(4): e21747.
This review paper discusses the implications of cyber vulnerabilities related to changes to operational practice during the COVID-19 pandemic. Included are overviews of key challenges, breakdown of specific vulnerabilities, and recommended solutions and actions that can be taken to mitigate cyber risks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Marsh-Armstrong, B., Pacheco, F., Dameff, C., et al. (2024). Design and Pilot Study of a High-Fidelity Medical Simulation of a Hospital-Wide Cybersecurity Attack. Research Square [Preprint V1].
This preprint article discusses the methods and results of a simulation study conducted to show the impact of a cybersecurity incident on patient care in a hospital setting. Real-life scenarios included lack of access to medical records, communications, and imaging capabilities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Mehrtak, M., SeyedAlinaghi, S., MohsseniPour, M., et al. (2021). Security Challenges and Solutions Using Healthcare Cloud Computing. Journal of Medicine and Life 14(4):448–461.
This systematic review examined 930 full text studies, from 2015 to 2020, to identify the most common cloud security issues impacting healthcare systems. The researchers included a breakdown of these issues as well as potential solutions that were most frequently cited.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Paul, C., Bilger, E., Kango, G., et al. (2021). Residency Program Preparedness for Prolonged Downtime: Lessons Learned from a Cyberattack. Journal of Graduate Medical Education.13(5): 626–630.
This article outlines the experiences of a university hospital during a cyber incident that resulted in seven days of complete computer downtime. It provides charts and workflow models outlining impacts, as well as recommended workarounds and sample documentation to supplement impacted operations.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S Department of Health and Human Services, Office of the Chief Information Officer. (2022). Lessons Learned from the HSE Cyber Attack.
This HHS slide deck reviews the 2021 cyberattack against the Health Service Executive (HSE), Ireland’s publicly funded healthcare system. Information included in the summary details the impacts caused by the Conti ransomware attack, subsequent disruptions to health system operations, and key findings and challenges associated with response and recovery.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Verizon. (2024). 2024 Data Breach Investigations Report.
Verizon examined more than 10,000 security incidents affecting various industries, including healthcare. They found that of the 1,378 healthcare breaches, 1,220 had confirmed data loss, and miscellaneous (perhaps innocent) errors, privilege misuse, and system intrusion (in order of occurrence) represent 83% of breaches. The rest of the report highlights incident classification patterns and provides a regional analysis.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments

Medical Devices

Armstrong, D.G. Kleidermacher, D.N., Klonoff, D.C., and Slepian, M.J. (2015). Cybersecurity Regulation of Wireless Devices for Performance and Assurance in the Age of "Medjacking.". Journal of Diabetes Science and Technology. 10(2): 435-438.
The authors outline a framework for securing wireless health devices to minimize the occurrence of “medjacking,” or the hacking medical devices.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Barola, V.A., Singh, P., Diwakar, M. (2024). Introduction to Security Risk Assessment in Medical and Healthcare Industry. Vol 11: 1-24. Springer Nature.
This book chapter reviews what growing cyber threats are recognized in the medical field, specifically related to medical device vulnerabilities and the need for implementing robust security assessments to detect and effectively remove cyber vulnerabilities within the healthcare infrastructure.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Freyer, O., Jahed, F., Osterman, M., et al. (2024). Consideration of Cybersecurity Risks in the Benefit-Risk Analysis of Medical Devices: Scoping Review. Journal of Medical Internet Research. 26.
This scoping review highlighted legal frameworks, guidelines, and standards in the U.S., Canada, South Korea, Singapore, Australia, the United Kingdom, and the European Union specific to how cybersecurity risks should be considered relative to the behavioral risk analysis of medical devices.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Health- Information Sharing and Analysis Center (H-ISAC). (n.d.). Medical Device Manufacturing Security. (Accessed 4/25/2025.)
This reference page provides a list of quicklinks to major medical device manufacturer’s product security websites. Manufacturers are listed by name with corresponding URLs to product security information.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
HHS 405(d). (n.d.). HICP: Attacks on Connected Medical Devices. (Accessed 4/24/2025.)
This information sheet provides information on real-world cyberattack scenarios for connected medical devices, including how to recognize an incident has occurred, mitigation strategies, and available support services.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Klonoff, D.C. (2015). Cybersecurity for Connected Diabetes Devices. Journal of Diabetes Science and Technology. 9(5):1143-7.
The author provides an overview of the “CIA Triad” for information security, where C stands for confidentiality, I stands for integrity, and A stands for availability. The author explains how a cybersecurity standard designed specifically for connected diabetes devices will improve device safety and increase security.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Kramer, D.B. and Fu, K. (2017). Cybersecurity Concerns and Medical Devices Lessons From a Pacemaker Advisory. (Abstract only.) JAMA Network 318(21):2077-2078.
This paper outlines vulnerabilities associated with increased medical device use in wireless communication and remote monitoring. It details several cyber incidents and highlights considerations in preparing for future incidents, and the importance of engaging stakeholders public and private sector.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* MITRE Corporation. (2022). Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook (Version 2.0).
This playbook presents a framework that can be used by healthcare organizations and stakeholders to plan for and respond to cybersecurity attacks on medical devices. It includes supplemental information specific to regional cyber preparedness and recommendations for conducting a hazard vulnerability analysis, asset inventory, and incident reporting.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
MITRE Corporation, U.S. Food and Drug Administration. (2022). Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook- Quick Start Companion Guide.
This quick start guide includes tables of related resources that align with the “Medical Device Cybersecurity” playbook’s structure. The first two tables focus on regional preparedness and response, and the following tables focus specifically on medical device cyber preparedness and response needs.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Food and Drug Administration. (n.d.). The FDA's Role in Medical Device Cybersecurity. (Accessed 4/25/2025.)
Myths and facts about medical device cybersecurity are shared in this table geared towards manufacturers and providers.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Food and Drug Administration. (2018). Content of Premarket Submissions for Management of Cybersecurity in Medical Devices: Guidance for Industry and Food and Drug Administration Staff. U.S. Department of Health and Human Services.
This guidance provides recommendations to consider and information to include in FDA medical device premarket submissions for effective cybersecurity management. Effective cybersecurity management is intended to reduce the risk to patients by decreasing the likelihood that device functionality is intentionally or unintentionally compromised by inadequate cybersecurity.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Food and Drug Administration. (2022). Tips for Clinicians: Keeping Your Patients’ Connected Medical Devices Safe.
This video describes steps clinicians can take to ensure their patients’ medical devices and privacy are protected. It includes questions health care providers should ask manufacturers of medical devices, and when to contact the manufacturer.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Food and Drug Administration. (2023). Cybersecurity.
This website provides updates on cybersecurity requirements for medical devices. It includes a timeline of how the Consolidated Appropriations Act updated these requirements, information on mitigating cybersecurity risks, and links to cybersecurity reports and whitepapers for medical devices.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Food and Drug Administration, Center for Devices and Radiological Health. (2021). Best Practices for Communicating Cybersecurity Vulnerabilities to Patients.
This document was developed to assist healthcare professionals, industry partners, and federal partners communicate information about cybersecurity vulnerabilities. It contains best practices and tips for creating clear, concise, and easy to consume messaging to patients and the public.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Williams, P.A. and Woodward, A.J. (2015). Cybersecurity Vulnerabilities in Medical Devices: A Complex Environment and Multifaceted Problem. Medical Devices. 8:305-16.
The authors review the factors that can contribute to cybersecurity vulnerabilities in medical devices and provide guidance regarding protection mechanisms, mitigations, and processes.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments

Plans, Tools, and Templates

* Administration for Strategic Preparedness and Response. (2023). HPH Cybersecurity Framework Implementation Guide (Version 2). U.S. Department of Health and Human Services.
This healthcare and public health sector guide is a web-based version of the HPH framework outlining how healthcare organizations can implement the NIST Cybersecurity Framework to improve their cybersecurity preparedness posture and manage ongoing cyber threats.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Administration for Strategic Preparedness and Response. (2023). RISC Toolkit 2.0. U.S. Department of Health and Human Services.
The Risk Identification and Site Criticality (RISC) Toolkit is an objective, data-driven all-hazards risk assessment that can be used by public and private organizations within the Healthcare and Public Health Sector to inform emergency preparedness planning, risk management activities, and resource investments with a focus on security and infrastructure protection. The RISC Toolkit provides owners/operators in the HPH Sector with standards-based evaluation criteria.
Favorite:
1
You must Login to add a comment
  • Tony Barker Great tool that has very effective resource links. Makes the HVA process evidence based and provides an excellent format for use. Thank you to the development team!
    12/12/2018 12:56:37 PM
Administration for Strategic Preparedness and Response. (2026). Cybersecurity Module. (Free registration required.)
This module of the RISC 2.0 Toolkit guides users through a series of questions about their cybersecurity policies, controls, and practices. Responses are scored against both the NIST Cybersecurity Framework 2.0 and the HHS Cybersecurity Performance Goals, helping users determine how their facility compares to established best practices, identify gaps, and prioritize investments to strengthen cybersecurity resilience.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* ASPR TRACIE. (2022). Healthcare System Cybersecurity: Readiness & Response Considerations (Document).
This resource can help healthcare facilities, and the systems they may be a part of, understand the roles and responsibilities of stakeholders before, during, and after a cyber incident.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
ASPR TRACIE. (2025). Health Care Coalition Cybersecurity Assessment (PDF).
This assessment can help health care coalitions evaluate the current state of cybersecurity resilience and identify gaps, promising practices, and current policies at the coalition level.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
ASPR TRACIE. (2025). Health Care Coalition Extended Downtime Delivery Impact Assessment (PDF).
This assessment can help health care coalitions evaluate the current state of downtime readiness and identify gaps, promising practices, and current policies at the coalition level.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (n.d.). Assessments: Cyber Resilience Review (CRR). (Accessed 4/25/2025.)
This website explains the (free) cyber resilience review process and lists benefits and variables measured. It also explains the cyber security evaluation tool and its benefits. Important links for getting started and requesting reviews are also included.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Cybersecurity and Infrastructure Security Agency. (n.d.). Resources for State, Local, Tribal, and Territorial Government. (Accessed 4/25/2025.)
This CISA webpage provides direct links to resources relevant for SLTT cyber planning needs. These include geographic specific resources by state, best practice (case studies), and an SLTT cyber toolkit to assist in understanding the threat environment, evaluating current programs, and understanding the five Cybersecurity Framework Function Areas.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Cybersecurity and Infrastructure Security Agency. (2021). Cybersecurity Incident and Vulnerability Response Playbooks: Operational Procedures for Planning and Conducting Cybersecurity Incident and Vulnerability Response Activities in FCEB Information Systems.
This CISA resource contains two playbooks, one for incident response and the other for vulnerability response. Each one contains standards and protocol to help identify, coordinate, remediate, and recover from possible cyber incidents as well as identified vulnerabilities known to affect federal agencies, their systems, data, and networks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (2024). Communications and Cyber Resiliency Toolkit. U.S Department of Homeland Security.
This webpage includes a variety of information, links, and resources related to cybersecurity best practices, emergency communications planning, and public safety planning and resilience.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (2024). The National Cyber Incident Response Plan (NCIRP).
This plan applies to significant cyber incidents that have the potential to cause significant harm to national security interests, foreign relations, economy, or public health and safety. Sections include Roles and Responsibilities; Core Capabilities; and Coordinating Structures and Integration. Additional guidance is provided in the appendices.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Federal Communications Commission. (n.d.). Cyberplanner. (Accessed 4/25/2025.)
This FCC tool, designed to assist small businesses with limited cybersecurity resources, is an online resource to help smaller businesses develop customized cybersecurity plans. It includes step-by-step guidance and links to additional cybersecurity resources and tip sheets.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Federal Communications Commission, Department of Homeland Security, National Cyber Security Alliance, Chamber of Commerce. (n.d.). Cybersecurity Planning Guide. (Accessed 4/25/2025.)
This planning guide, created in partnership with other agencies and subject matter experts, was designed to assist small businesses, with limited cybersecurity resources, incorporate cyber preparedness and risk assessment activities into their organizations. It includes a list of action items, policy considerations, and best practices.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Health Sector Coordinating Council Cyber Security Working Group. (2025). Health Industry Cybersecurity – Sector Mapping and Risk Toolkit (SMART).
The SMART Toolkit provides healthcare executives from facilities and organizations of all sizes with templates and a methodology to visualize, identify and measure systemic risk posed by third party technology, software and communications services essential to clinical, administrative and manufacturing workflows.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Health Sector Coordinating Council Cybersecurity Working Group. (2024). From Panic to Plan: Executive Strategies for Handling Cybersecurity Incidents.
Healthcare executives can incorporate the considerations in this document to support informed and swift decision-making during and after a cybersecurity incident. Strategies are listed under incident response, business continuity, and communication headings; links to related resources are provided.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Health Sector Coordinating Council Cybersecurity Working Group. (2024). Health Industry Cybersecurity Strategic Plan 2024-2029.
This plan was created for organizations throughout the healthcare ecosystem to help them implement foundational cybersecurity programs that address the operational, technological, and governance challenges posed by significant healthcare industry trends over the next five years.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Healthcare & Public Health Sector Coordinating Councils. (2023). Health Industry Cybersecurity – Coordinated Healthcare Incident Response Plan (CHIRP).
This template aims to prepare health care organizations for the operational impacts of a cybersecurity incident by bringing together separate components of emergency plans. It contains information on command center synchronization, incident identification, communication strategy, containment strategy, and the interim solution request process.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Healthcare and Public Health Sector Coordinating Council. (2023). Technical Volume 2: Cybersecurity Practices for Medium and Large Healthcare Organizations.
This guidance document outlines healthcare cybersecurity best practices for medium-sized and large healthcare organizations. It provides an index of existing industry practices and contains technical details, plans, and recommendations for implementing cybersecurity within the organization. Examples of medium sized organizations are community hospitals, critical access hospitals with 50+ beds, or larger medical groups. Examples of larger organizations include large health systems made up of multiple hospitals, integrated delivery networks, or clinical groups with multiple geographically dispersed locations.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Healthcare and Public Health Sector Coordinating Council, 405(d) Program. (n.d.). Hospital Resiliency Landscape Analysis. (Accessed 4/25/2025.) U.S Department of Health and Human Services.
This webpage provides results of a landscape analysis conducted through a partnership between the Health Sector Coordinating Council Cybersecurity Working Group and the Centers for Medicare and Medicaid Services. Information includes active threats identified, demographic background data, and key observations.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Mass Digital Health. (n.d.). Cybersecurity Toolkit for Digital Health. (Accessed 4/25/2025.) Massachusetts eHealth Institute.
This online toolkit provides a variety of resources for digital health professionals to assist with cybersecurity readiness activities. It includes checklists, best practices, and recommended standards for deployment of new health-related software and medical devices in a hospital setting.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* MITRE Corporation. (2022). Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook (Version 2.0).
This playbook presents a framework that can be used by healthcare organizations and stakeholders to plan for and respond to cybersecurity attacks on medical devices. It includes supplemental information specific to regional cyber preparedness and recommendations for conducting a hazard vulnerability analysis, asset inventory, and incident reporting.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Energy. (2022). Cybersecurity Capability Maturity Model (C2M2).
The C2M2 tool, developed in 2012, was created to assist organizations with evaluating and improving their cybersecurity capabilities. The 2022 C2M2 Version 2.1 update addresses emerging technologies and the evolving cyber threat landscape.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office for Civil Rights and Office of the National Coordinator for Health Information Technology. (2022). Security Risk Assessment (SRA) Tool.
The Security Risk Assessment tool was designed to help guide healthcare providers in small to medium-sized offices conduct risk assessments of their organizations’ HIPAA compliance. This webpage contains a user guide and tutorial video. Users can download the 156 question app to their computers or iPads.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments
* U.S. Department of Health and Human Services, Office of the Assistant Secretary for Preparedness and Response. (2023). Technical Volume 1: Cybersecurity Practices for Small Health Care Organizations.
This document highlights cybersecurity practices for small health care organizations, which do not traditionally have the resources needed for dedicated information technology staff.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* U.S. Department of Homeland Security. (n.d.). Healthcare and Public Health Cybersecurity. (Accessed 4/25/2025.) U.S. Department of Homeland Security.
This webpage provides information on tools, resources, and training that are focused on healthcare cybersecurity preparedness priorities, including references to cyber hygiene, strengthening cybersecurity efforts, and addressing resource constraints.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments

Ransomware Resources

Cybersecurity and Infrastructure Security Agency. (n.d.). Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches. (Accessed 4/25/2025.)
This factsheet provides an overview of the impacts of ransomware, a summary of recent attacks, and includes a preparedness checklist with links to guidance on cyber hygiene and vulnerability testing. It also outlines best practices for protecting sensitive and personal information and responding to ransomware-caused data breaches.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Cybersecurity and Infrastructure Security Agency. (n.d.). Stop Ransomware. (Accessed 4/25/2025.)
This CISA resource page is the government’s “one-stop-shop” for ransomware information, guidance, and available services. The site specifically provides links to critical ransomware guides, checklists, alerts, and factsheets. It includes information on who to contact and how to report an incident, trainings, current campaigns, and other partner/stakeholder information.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (2016). Ransomware and Recent Variants.
This factsheet provides an overview of ransomware and shares how the variants Locky and Samas were recently used to compromise healthcare networks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Federal Bureau of Investigation. (n.d.). Internet Crime Complaint Center IC3- Ransomware. (Accessed 4/25/2025.)
This FBI cybercrime homepage answers FAQs, outlines how, when, and who you should report a cyber incident to, and links to additional resources such as annual reports, industry alerts, and ransomware information.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Health Sector Cybersecurity Coordination Center (HC3). (n.d.). Prepare, React, and Recover from Ransomware. (Accessed 4/25/2025.)
This infographic presents ransomware-related cybersecurity information in an easy to reference and format that can be used in trainings and exercises to increase awareness on preparing for, reacting to, and recovering from a cyber incident.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Institute for Security and Technology. (2021). Combating Ransomware, A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force.
This framework, developed by over 60 experts across industry, academia, and government, is part of a public-private anti-ransomware campaign to increase awareness and resilience. The framework includes a breakdown of priority ransomware issues, current mitigation efforts, key recommendations, and an overview of the framework’s call to action.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Institute of Standards and Technology. (n.d.). Data Integrity Recovering from Ransomware and Other Destructive Events (NIST SP 1800-26). (Accessed 4/25/2025.)
This webpage is a comprehensive list of NIST data integrity and data breach security guidance documents. It provides information on potential targets of data corruption, including ransomware, malware, and insider threats. It includes information on resources and tools that support vulnerability detection, response efforts, and practical safety measures to minimize damage from loss of data.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Institute of Standards and Technology. (2021). Tips and Tactics for Dealing with Ransomware.
This webpage includes quick reference guides, best practices, videos, and factsheets on preventive measures to help organizations prepare for ransomware attacks and links to additional cyber awareness tips.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Institute of Standards and Technology. (2022). Ransomware Protection and Response.
This webpage provides links and access to collective NIST ransomware resources including, risk management guidance, a Quick Start Guide, videos, tip sheets, and infographics, as well as information on the Ransomware Risk Management cybersecurity framework.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Institute of Standards and Technology, Computer Security Resource Center. (2022). Getting Started with Cybersecurity Risk Management: Ransomware.
This quick start guide is meant to help organizations prepare to counter ransomware attacks that are based on the NIST Cybersecurity Framework’s five key functions that include Identifying, Protecting, Detecting, Responding, and Recovering. It is applicable to smaller organizations and those with limited resources.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Souppaya, M. and Scarfone, K. (2013). Guide to Malware Incident Prevention and Handling for Desktops and Laptops (NIST SP 800-83, Rev.1). National Institute of Standards and Technology, U.S. Department of Commerce.
The authors provide recommendations that can help an organization prevent, prepare for, respond to, and recover from malware incidents, especially widespread ones. Several types of malware are addressed (e.g., worms, viruses, and Trojan horses) and Appendix B provides malware incident handling scenarios that can help identify strengths and gaps in a facility’s cybersecurity plans.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office of Information Security. (2022). The Impact of Ransomware on Healthcare. 405(d) Post:Volume XV).
This newsletter highlights the impacts of ransomware on the healthcare sector since 2021. It outlines key issues, statistics, and solutions that include links to additional sources of information on cybersecurity resilience efforts.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office of the Chief Information Officer. (2019). HC3 Intelligence Briefing Update Ransomware Threat to State & Local Governments.
This presentation highlights key aspects of ransomware threats, early examples of attacks, operational impacts on healthcare, emerging trends, and strategies for protecting from and detecting vulnerabilities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office of the Chief Information Officer. (2021). Conti Ransomware and the Health Sector.
This threat briefing reviews key aspects of the Conti ransomware attacks on the health sector, recent high-profile attacks, and description of impacts to hospital operations via real-world examples.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Secret Service, Cybercrime Investigations. (n.d.). Preparing for a Cyber Incident. (Accessed 4/25/2025.)
This guide explains the actions organizations can take to better understand the technological and regulatory limitations, responsibilities, and resources available to them, and how to incorporate the information into their operations.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments

Risk and Threat

American Hospital Association. (n.d.). Cybersecurity and Risk Advisory Services. (Accessed 4/25/2025.)
This webpage contains information on AHA cyber services aimed at helping members increase resiliency against growing threats.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Anti-Phishing Work Group. (2023). APWG Cybercrimes and Phishing Resources.
The Anti-Phishing Working Group (AFWG) is a coalition whose goal is to unify “the global response to cybercrime across industry, government, and law enforcement sectors and NGO communities.” Their website includes links to helpful phishing and cybercrime resources with links to phishing reporting mechanisms, and eCrime alerts.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments
Carnegie Mellon University, Software Engineering Institute. (2025). Vulnerability Notes Database.
This webpage includes information on recently published vulnerabilities, including technical details, remediation information, and lists of affected vendors. It also has search capabilities, links to archived vulnerability information, and guidance for reporting an incident.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (n.d.). Free Cybersecurity Services and Tools: Cyber Hygiene Vulnerability Scanning. (Accessed 4/25/2025.)
This CISA webpage provides information on how to access their free cyber hygiene services that include scanning, testing, and assessments.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (n.d.). National Cyber Awareness System. (Accessed 4/25/2025.)
This CISA information page is a single point of access for all current Federal cybercrime information including alerts, tips, bulletins, and analysis reports. It also contains up to date information on security topics, threats, and vulnerabilities that can be found by date in the “Alerts” and “Bulletins” sections.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
* Cybersecurity and Infrastructure Security Agency. (n.d.). Shields Up. (Accessed 4/25/2025.)
Cyberattacks can have implications for cybersecurity across the globe. This website contains guidance for organizations, corporate leaders, individuals that can help prevent and respond to cyberattacks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. (2025). Known Exploited Vulnerabilities Catalog.
This webpage houses information on the KEV catalog, a federal “living list” of frequently abused vulnerabilities that are of significant risk to the national enterprise. This includes links to the list itself, criteria for adding vulnerabilities, and information on mitigation, workarounds, and prioritizing threats.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Health Sector Cybersecurity Coordination Center (HC3). (2021). Sector Alert: Picture Archiving Communication Systems (PACS) Vulnerabilities.
This alert summarizes known vulnerabilities identified in PACS systems and servers since 2019 and includes guidance on mitigation and resources to reference more for more in-depth information.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Healthcare Information and Management Systems Society. (2023). 2023 HIMSS Healthcare Cybersecurity Survey.
The 2020 cybersecurity survey provides insight into the landscape of U.S. healthcare organizations based on feedback from 168 U.S.-based industry professionals. It discusses the most common and significant security incidents, major threat actors and target areas, as well as where healthcare sector resilience gaps exist and can be improved.
Favorite:
1
You must Login to add a comment
  • This item doesn't have any comments
InfraGard. (n.d.). InfraGard: Partnership for Prevention. (Accessed 4/25/2025.)
InfraGard is a partnership between the private sector and the Federal Bureau of Investigation, and members from businesses, academia, state and local law enforcement who represent 16 critical infrastructures (including emergency services and healthcare and public health) to facilitate information sharing on emerging technology and threats. Interested parties can apply to join online, and the open-access part of the webpage includes links to state and local chapters and a calendar of events.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Inkster, B., Knibbs, C., and Bada, M. (2023). Cybersecurity: A Critical Priority for Digital Mental Health. Frontiers in Digital Health. 5:1242264.
This article discusses cybersecurity in the digital mental healthcare industry, including an overview of risks and vulnerability, and initial recommendations for securing and mitigating future threats and attacks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Institute for Critical Infrastructure Technology. (2019). An Insight into the Current Security Posture of Healthcare IT: A National Security Concern.
This project, conducted in tandem with Carnegie Mellon University, aimed to assess the cybersecurity readiness level of the healthcare sector across healthcare IT, supply chain security, and emerging technology domains. The final report, presented to HHS, VA, and private sector experts during a government summit, included a summary of disruptions and potential threats to health information systems, security threats to connected devices, and a comparison of cybersecurity frameworks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
MITRE. (2021). ATT&CK.
This resource is an opensource repository (or ‘knowledge base’) of known adversarial threat tactics and techniques collected by experts. It contains a matrix of tactics, techniques, sub-techniques, and defense evasions, among others, that break down methods used by cyber criminals to infiltrate systems.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
MITRE. (2022). Health Cyber: Resource Library.
This repository page is an easy way to navigate a variety of cyber-related healthcare resources collected from federal, private, and MITRE-produced data. Users can navigate by resource type (i.e., analyst note, official report, tool, website), user role, date, title, or organization type.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Institute of Standards and Technology. (2021). National Vulnerability Database.
This database is a federal repository of ‘standards-based vulnerability management data’ using the Security Content Automation Protocol (SCAP). It includes security checklists, security-related software flaws, misconfigurations, product names, and impact metrics.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Skahill, E., West, D.M. (2021). Why Hospitals and Healthcare Organizations Need to Take Cybersecurity More Seriously. Brookings Institute.
This article highlights recent cyberattacks on major infrastructure such as the health sector and outlines the operational and financial impacts experienced. It underscores the major challenges facing the healthcare industry, including updated statistics and data, as well as recommendations for preventing future attacks.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Texas, Arkansas, Louisiana, Oklahoma, New Mexico (TALON) Cyber Working Group. (n.d.). Health Care Coalition Cybersecurity Assessment. (Contact ASPR TRACIE for access to this document.)
This assessment discusses the results of a cyber working group’s threat analysis conducted in their region. Topics include the evolving threat of ransomware, cyber threats to critical infrastructure (e.g., the energy grid, water and wastewater systems, etc.), as well as planning, training, and preparedness activities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Health Sector Cybersecurity Coordination Center (HC3). (2022). HC3 Products.
This health sector page provides access to HC3 and partner threat briefs, sector alerts, joint threat bulletins, and other cyber-related resources to help organizations maintain situational awareness of current cyber vulnerabilities and threats.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office of Information Security. (2021). The Evolution of Ryuk.
This slide deck provides an overview of one of the largest medical cyberattacks in history. It includes a summary of the initial attacks, new variant and vulnerabilities, as well as describes impacts and best practice prevention methods for healthcare facilities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office of Information Security. (2021). Threats in Healthcare Cloud Computing.
This slide deck provides an overview of HHS cloud computing guidance for the healthcare sector and is targeted for a technical and non-technical audience. It reviews cloud services, cloud models, and their associated risks, and vulnerabilities as well as preparedness and response activities.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office of Information Security. (2022). Log4J Vulnerabilities and the Health Sector.
This slide deck contains an overview of Log4j vulnerabilities that may impact the health sector. It includes a summary of known compromises, timeline of major vulnerability events, and best practices relevant to healthcare.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments

Agencies and Organizations

American Hospital Association. Center for Health Innovation. Cybersecurity & Digital Health.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Anti-Phishing Work Group.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Carnegie Mellon University. Software Engineering Institute.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. Cybersecurity Best Practices.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Cybersecurity and Infrastructure Security Agency. Healthcare and Public Health Sector.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Domestic Security Alliance Council. DSAC Cyber Resources.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Federal Bureau of Investigation. Cyber Crime.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Health Information Sharing and Analysis Center.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Healthcare and Public Health Sector Coordinating Council (HSCC). Cybersecurity Working Group (CWG).
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
Healthcare Information and Management Systems Society. HIMSS Cybersecurity and Privacy.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
HealthcareITNews. Privacy and Security.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
MITRE. Health Cyber.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Council of Information Sharing and Analysis Centers (ISACs).
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
National Institute of Standards and Technology. Information Technology- Cybersecurity.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S Department of Health and Human Services. Office of the Chief Information Officer. OCIO Cybersecurity.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services. Health Sector Cybersecurity Coordination Center (HC3).
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Department of Health and Human Services, Office for Civil Rights. HIPAA for Professionals.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Food and Drug Administration. Medical Devices. Digital Health Center of Excellence.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
U.S. Secret Service. Cyber Investigations.
Favorite:
You must Login to add a comment
  • This item doesn't have any comments
This Topic Collection was updated in April 2025 and August 2022. It was comprehensively reviewed in May 2016 by the following subject matter experts (listed in alphabetical order):

Bryan Cline, Ph.D., Vice President, Standards & Analytics, Health Information Trust Alliance; Scott Cormier, Vice President, Emergency Management, EC, and Safety, Medxcel; Steve Curren, MSFS, Director, Division of Resilience, Office of Emergency Management, HHS ASPR; Andrea Geiger, Health Information Privacy and Security Specialist, U.S. Department of Health and Human Services, Office for Civil Rights; John Hick, MD, HHS ASPR and Hennepin County Medical Center; Iliana Peters, Senior Health Information Privacy Specialist, U.S. Department of Health and Human Services, Office for Civil Rights; Patrick Pilch, CPA, MBA, Managing Director and National Healthcare Advisory Leader, BDO; Shahryar Shaghaghi, MS, Technology Advisory Services National Leader and Head of International Cybersecurity, BDO; and Staff from the Office of Information Security, HHS.
footer

Enter your email address to receive important announcements and updates through the ASPR TRACIE Listserv.