NATIONAL HEALTH INFORMATION SHARING & ANALYSIS CENTER

embarrassedlopsidedΤεχνίτη Νοημοσύνη και Ρομποτική

14 Νοε 2013 (πριν από 3 χρόνια και 8 μήνες)

119 εμφανίσεις

NATIONAL HEALTH INFORMATION SHARING & ANALYSIS CENTER


THE NATION’S

HEALTHCARE
& PUBLIC HEALTH SECTOR

INFORMATION SHARING & ANALYSIS CENTER

Information & Cybersecurity

Threat & Vulnerability Protection,

Best Practice & Education

NH
-
ISAC


HEALTHCARE & PUBLIC HEALTH CRITICAL INFRASTRUCTURE PROTECTION


EXECUTIVE OVERVIEW



1.
National Critical Infrastructure and Key Resources (CIKR) Protection


Public/Private Partnership

2.
Cybersecurity Overview


Threats/Vulnerabilities/Attacks

3.
Protecting the Health & Public Health Sector


US
Department of Health & Human Services, US DHS


Health Sector Coordinating Council


Government/Private Sector


National Health Information Sharing & Analysis Center (NH
-
ISAC
)

4.
NH
-
ISAC Membership


Value Proposition




Executive Overview Agenda

Homeland Security Presidential Directive 7 (HSPD
-
7)


National CIKR Protection

Sector
-
Specific

Agency (SSA)

Critical

Infrastructures & Key Resources

Department Of Agriculture

Department

of Health & Human Services

Agriculture & Food

Department of Defense

Defense Industrial

Base

Department of Energy

Energy

Department of Health & Human Services

Healthcare & Public Health

Department of the Interior

National Monuments and Icons

Department of the Treasury

Banking

& Finance

Environmental Protection Agency

Water

Department

of Homeland Security (DHS)

Office of Infrastructure Protection

Chemical

/
Commercial Facilities / Dams

Critical Manufacturing

/
Emergency Services

Nuclear Reactors, Materials and Waste

DHS Office of Cybersecurity & Communications

Information Technology

Communications


DHS Transportation Security Administration

Postal and Shipping

DHS Transportation Security Administration

United States Coast Guard

Transportation Systems

DHS Immigration & Customs Enforcement,


Federal Protective Service

Government Facilities

National Infrastructure Protection Plan (NIPP
)
-

After
9/11, 18 National Critical Infrastructures and Key Resources
(CIKR) were identified for protection.

Presidential Directive (HSPD
-
7)


Established national
Policy to identify and prioritize US critical infrastructures
and key resources


protecting from terrorist attacks.

Recognizing that each infrastructure possessed its own
unique characteristics and operating models, Sector
-
Specific Agencies (SSAs) were identified to develop sector
CIKR protection plans.

Information Sharing & Analysis Centers (ISACs)
-

Federal
departments (US DHS, FBI, etc.) and SSAs collaborate in a
public/private partnership with sector
-
specific ISACs to
encourage sector
-
specific mechanisms to monitor, identify,
prioritize, analyze and coordinate sector protection
(physical and cyber).

1


CIKR Protection


DHS Information Sharing Environment (ISE) CIKR Components


Coordination & Governance / Risk Mitigation

Relationship Management / Information Exchange

Content Identification & Development

INFORMATION SHARING & ANALYSIS CENTERS (ISACs)

The

definition

of

an

ISAC

is

"a

trusted,

sector
-
specific

entity

which

provides

to

its

constituency

a

24
/
7

Secure

Operating

Capability

that

establishes

the

sector’s

specific

information/intelligence

requirements

for

incidents,

threats

and

vulnerabilities

(two
-
2
ay

information

sharing)
.

Based

on

its

sector
-
focused

subject
-
matter

analytical

expertise,

the

ISAC

then

collects,

analyzes

and

disseminates

alerts

and

incident

reports

to

its

membership

and

helps

the

government

understand

impacts

for

its

sector
.


ISAC

Characteristics
:

Trusted

Information

Sharing

&

Analysis,

Trusted

Sector

and

Cross
-
Sector

Relationships,

Trusted

Private

Sector

Subject

Matter

Experts,

International

Reach


Protection Partnership / 2
-
Way Information Sharing
-

ISACs

1


CIKR Protection



Coordinating Council




Federal Sector
-
Specific Agency (SSA)



Government Coordinating Council (GCC)




Critical Infrastructure



Sector Coordinating Council (SCC)



Information Sharing & Analysis Center (ISAC)


GCC/Government



Federal Depts. (DHS,
etc.), Federal Agencies, State, City, County

SCC/Private Sector
-

Industry,
Owner/Operators, Trade Associations,
Standards Organizations, Academia, etc.

CIKR / SSA / Coordinating Council / ISAC


Collaborative Partnership

For each National Critical Infrastructure, a Federal Sector
-
Specific Agency (SSA) has a Coordinating Council
(Government/Private) working in a collaborative partnership with sector
-
specific Information Sharing & Analysis Centers
(ISACs).

Private Sector Critical Infrastructure & Key Resources

(Owner/Operators, Industry, Academia, etc.)


1


CIKR Protection


Communications ISAC (NCC), Electric Sector ISAC (IS
-
ISAC), Emergency Management & Response
ISAC (EMR
-
ISAC), Financial Services, ISAC,
Health ISAC (NH
-
ISAC)
, Highway ISAC (First
Observer), IT ISAC

NATIONAL COUNCIL OF ISACs

Maritime Security Council ISAC, Multi
-
State ISAC, Nuclear ISAC (NEI), Public Transportation ISAC
(APTA), Real Estate ISAC, Research & Education Networking ISAC (REN
-
ISAC), Supply Chain ISAC
(SC
-
ISAC)

Surface Transportation ISAC (ST
-
ISAC), Water ISAC, Chemical Sector Coordinating Council, Defense
Security Information Exchange, Oil and Natural Gas Coordinating Council, Partnership for Critical
Infrastructure Security, Regional Consortium Coordinating Council

National Council of ISACs

The mission of the Information
Sharing and Analysis Centers
Council
(National Council of ISACs)

is
to advance the physical
and


cyber security of the critical
infrastructures of North America by
establishing and maintaining a
framework for valuable interaction
between and among the ISACs and
with government.

1


CIKR Protection


http://www.isaccouncil.com/

National Health ISAC (NH
-
ISAC)


National Council of ISACs Member

1


CIKR Protection


WHAT IS INFORMATION AND CYBER SECURITY?


Prevents exploitation of information either in paper
-
based or electronic information systems


Ensures confidentiality, integrity and availability of systems and data


Includes restoring electronic information and communications systems in the event of a terrorists attack or natural disaster

WHAT IS CYBER INFRASTRUCTURE?


Physical assets and virtual systems and networks that enable key capabilities and services in both the public and private sec
tor
s

IMPORTANCE OF CYBER INFRASTRUCTURE


Information technology (IT) supports three (3) types of cyber infrastructures across the various CIKR sectors

1.
Business Systems


Mission essential systems that are used to manage or support common business process and operations

2.
Control Systems


Cyber systems used to monitor and control sensitive processes and physical functions (SCADA, HVAC, Environment

Control
Systems, Lab
-
Based Surveillance, Healthcare


Medical Devices, Monitors, Medical Equipment, etc. )

3.
Safety, Security, Support and Other Specialty Systems


Cyber systems used to manage physical access or for alerting and notific
ation
purposes (Computerized alarm systems, electronic card readers, biometrics, radio frequency, identification (RFID), emergency
ale
rt systems,
HAZMAT systems, etc.


Protection of physical and cyber assets and interoperability is problematic due to the interconnected and interdependent natu
re
of the nation’s critical
infrastructures


especially the nation’s Healthcare and Public Health Sector.

Cybersecurity is much more than “User Names” and “Passwords”

Business Management Holds Responsibility for Security (Both Physical/Cyber)……………Technology Enables It.

2



Cybersecurity


CYBER THREAT ISSUES / TRENDS


Threats evolve quickly


as soon as one is identified and counter measures put in place, the threat can change or expand into ne
w or multiple
threats


Hackers quickly acquire skills to launch attacks on US cyber infrastructures.
E
mergence of “hacker schools” online and abroad


Hackers are selling their services to a wide variety of actors (criminals, terrorists, criminal organizations, nation states,

di
sgruntled employees,
contractors, etc. Anonymity of the Internet


Allows “hacker for hire services” into a complex black market


Hacking techniques previously required specialized coding and programming knowledge. NOT ANY MORE


Less skilled users can now
access
free and commercially available hacking automated programs and tools


The number of malicious hackers with the necessary skills continues to increase while the knowledge required for counter meas
ure
s has
decreased


Cyber Threats

2



Cybersecurity


CYBER THREAT


Via
an information
system,
any circumstance or event with the potential to adversely impact organizational
operations, assets (both physical and informational), individuals, other organizations, other critical infrastructures or
the Nation through an information system
.

Cyber threats can affect and immediately impact


hospital operations to admit/treat patients, security systems,
environmental controls, insurance and medical billing claims technology, electronic records and personal data, supply
delivery and stockpiles, functionality of life sustaining equipment, public health data and emergency management
systems.

CYBER
VULNERABILITIES


Weaknesses in physical or information systems, system security procedures, internal
controls, or implementation that could be exploited or triggered by a threat source.


CYBER THREAT ISSUES / TRENDS

Cyber vulnerabilities fall into three (3) categories:

People

(Employees or those external to the organization)

Processes

(Security Procedures)

Technology

(Software, Additional Programs, Shared Networks, Badging Systems, etc.


IDENTIFYING VULNERABILITIES

Both the U.S. Computer Emergency Readiness Team, or the US
-
CERT, and the Information Sharing and Analysis Centers (ISACs), help
stakeholders across all sectors identify and address vulnerabilities

Cyber Vulnerabilities

2



Cybersecurity


Types of Cyber Attacks

Physical Facilities (Unauthorized Access, Environment/Emergency/Hospital Systems Disruption)

Denial of Service, Penetration Attacks, BotNET (Malicious Software Robots, Scareware ($$$ or Attack), Malicious Code,
Unknown Program Installation, Database Attacks, Website Defacements, Multiple Coordinated Attacks, Wireless Network


Exploits, Domain Name Server (DNS Attacks), Pirated Software/Intellectual Property, Unauthorized Access, etc.


Types of Cyber Attacks

Cyber
Attack
Categories

Natural or Inadvertent Attack


Accidents from Natural
Disasters

Intentional
Threats


Illegal or Criminal Acts (Insiders or Outsiders, Recreational/Criminal
Hackers

Human Blunders


Errors, Omissions, Unintentional Human
Actions

Hardware (Computers, Printers, Scanners, Servers, Communication Media)

Software (Applications, Special Programs, System Backups, Diagnostic Programs, Operating Systems, etc.

Data


In Storage (Rest), Transition (Transit) or Undergoing Modification (Change)

Medical Devices


Hacking into medical devices and injecting malicious code to disrupt lifesaving devices.

Smart Phone Attacks


Hacking personal information, emails, documents, applications

People


Users, Systems Administrators, Hardware and Software Manufacturers, Disgruntled Employees, Unauthorized Personnel

Documentation


User Information for Hardware/Software, Administrative Procedures, Policy Documents

Business and Personal Social Network Attacks


Stealing information about your behavior and
lifestyle


2



Cybersecurity


Cybersecurity


Protecting the Healthcare & Public Health (HPH) Sector

The HPH Sector is not only a domestic critical infrastructure, but a foreign one as well (i.e. supply chain dependencies, etc
.)

The HPH Sector is diverse with no single impenetrable security system.

Attacks can impact organizational integrity, loss of business and financial systems, loss of data, medical equipment and devi
ce
corruption, loss of
environmental systems, facility shutdown, etc
.

Attacks can result in lawsuits, criminal, or regulatory compliance actions and fines for not having protective cybersecurity
pol
icies, measures and
technologies in place.

Measures (defined and documented plans, procedures, protective solutions/collaborative partnership) must be taken and impleme
nte
d to
protect technologies, processes, computer networks, equipment, facilities, and the workforce from authorized access, threats,

at
tacks or
vulnerabilities.

PROTECTING THE HPH SECTOR


The HPH Sector utilizes numerous technologies to provide the delivery of care and to
respond to emergencies and perform surveillance. Cybersecurity is increasingly becoming
more critical due to attacks to healthcare and other critical infrastructures and key
resources (CIKR) sectors.


3


Protecting the HPH Sector



Health Coordinating Council




US Department of Health & Human Services (HHS)



Health Government Coordinating Council (HGCC)



Health Sector Coordinating Council (HSCC)


National Health Sector Coordinating Council (HSCC)

WHAT IS THE HSCC?

The

HSCC

represents

private

sector

interests

and

perspectives

in

the

public
-
private

effort

to

protect

the

national

healthcare

infrastructure
.

It

is

made

up

of

representatives,

organizations,

trade

associations,

and

professional

societies

who

operate

within

the

healthcare

sector
.

The

HSCC

has

a

dual

mission

to

meet

the

specific

needs

of

owners

and

operators

and

to

also

inform

and

influence

government

policies

and

actions

with

regard

to

infrastructure

protection
.

MISSION OF THE HSCC

To

serve

the

needs

of

sector

owners/operators

and

associations

(constituent

customers)

in

regard

to

preparing

for

responding

to,

and

recovering

from

both

significant

hazards,

including

natural

and

manmade

disasters,

as

well

as

national

or

regional

health

crises
.

To

advocate

the

interests

of

sector

owner/operators

and

associations

(constituent

customers)

to

state

and

federal

agencies

and

legislators

in

order

to

enhance

government

policies,

plans

and

actions

regarding

infrastructure

protection,

preparedness,

response

and

resilience
.

3


Protecting the HPH Sector


Organization of the HSCC

Executive Committee or Chairs

Tri
-
Chair Council


Encompasses a broad spectrum of leadership capabilities for the HSCC;

full rotation every three (3) years


Sub
-
Councils/Members

All HSCC members fit into one of the six (6) of the following current sub
-
councils.

Members can then be referred tom ore easily for input into working group projects or additional sectors initiatives


Direct Patient Healthcare



Health Information and Medical Technology


Technology Health Plans and Payers


Laboratories, Blood and Pharmaceuticals


Mass Fatality Management Services


Medical Materials Coordinating Group


Working Groups

There are four (4) active working groups within the HSCC.


Joint Advisory Working Group (JAWG)


Information Sharing Working Group (ISWG)


Risk Assessment Working Group (RAWG)


Cybersecurity Working Group (GSWG)

Each of these groups address critical issues for the sector and interests of the HSCC members resulting in best practice deli
ver
ables.

3


Protecting the HPH Sector


Cybersecurity Working Group (CSWG)

Directs the HPH sector’s cybersecurity analysis, education and awareness efforts, to include coordinating with other Critical

In
frastructure Protection (CIP)
workgroups to provide cybersecurity expertise for the sector’s risk management objectives. Helps develop and vet cybersecuri
ty
situational reports,
determines best practices and makes recommendations toward cybersecurity standards for the HPH Sector.

CSWG Membership




US Health Human Services (HHS)



Office of the Assistance Secretary for Preparedness and Response (ASPR), Centers for Disease Control and Prevention (CDC), Of
fic
e of the
National Coordinator (ONC)


Department of Homeland Security


Office of Infrastructure Protection (IP), National Cybersecurity Division ( NCSD)


Department of Transportation


National Health Information Sharing & Analysis Center (NH
-
ISAC)


Private Sector Stakeholders within the HSCC


Telecom Companies


Other: State, Local and Tribal Healthcare Partners

NH
-
ISAC


Chair, Cybersecurity Working Group



Health Sector Coordinating Council (HSCC)


Cybersecurity Working Group (CSWG)


3


Protecting the HPH Sector



Coordinating Council



National Health ISAC




US Department of Health & Human Services (HHS)



Health Government Coordinating Council (HGCC)



Health Sector Coordinating Council (HSCC)


Private Sector Critical Infrastructure & Key Resources

(Owner/Operators, Industry, Academia, etc.)


3


Protecting the HPH Sector


Healthcare & Public Health Critical Infrastructure Protection

NH
-
ISAC MISSION

The mission of the
NH
-
ISAC

is to enable, ensure and preserve
the public trust by advancing protection of the nation’s public
health and healthcare sector’s critical infrastructure via
trusted cybersecurity threat and vulnerability monitoring,
analysis, notification, countermeasure solutions, incident
response and to foster and enable the availability of proven
security and privacy governance, security awareness and
workforce education.


NH
-
ISAC

-

The Nation’s Healthcare & Public Health ISAC

NH
-
ISAC

Nationally Recognized ISAC for the Nation’s Healthcare & Public Health Critical Infrastructure

Member of the National Council of Information Sharing & Analysis Centers (ISACs)


Representing all critical infrastructures

M
ember of the National Healthcare Sector Coordinating Council (HSCC)

Chairs the HSCC, Cybersecurity Working Group

4



NH
-
ISAC Value Proposition


4



NH
-
ISAC Value Proposition


NH
-
ISAC


T
rusted entity established and sustained by the healthcare and public health owners and operators
addressing critical infrastructure protection (physical/cyber), best practice and education


Helps government understand impacts for the HPH
sector (policy, protection, education)


Provides to its constituency a 24/7 secure operating capability
(
information sharing/intelligence
requirements for incidents, threats and vulnerabilities) r
esponding
to all aspects of security and “all
hazards” including cross
-
sector
interdependencies.


Collects and provides comprehensive analysis and dissemination of alerts and incident reports, actual
or potential sector disruptions extensively within the HPH sector membership, across sectors and
with government


Support national level exercises and sector
-
specific exercises


During events of national significance, NH
-
ISAC provides operation services such as risk mitigation,
incident response and information sharing that protects the nation’s HPH critical infrastructure


NH
-
ISAC empowers business resiliency through security planning, disaster response and execution.
(24/7 threat warning, incident reporting capabilities critical to the success of protecting national
critical infrastructures.


Working together, all ISACs have a track record of responding to and sharing actionable and relevant
information more quickly than DHS and doing so in an accurate manner.

NH
-
ISAC

NH
-
ISAC Organizational Capacity

4



NH
-
ISAC Value Proposition


NH
-
ISAC National Advisory
Council

Membership Collaboration / Defining
Voice

NH
-
ISAC
Framework

Cybersecurity
Research
-


NH
-
ISAC Partnership
-

Global
Institute Cyber Security Research)

Critical Information Security Notification System (NH
-
ISAC CISNS)

Increased Sector
-
Wide Knowledge via Early Notifications

Two
-
Way Information
Sharing

Countermeasure Solutions

Secure Member Portal


In
-
Depth Analysis/Support

National and Sector
-
Specific Cybersecurity Exercises

Cybersecurity

Best Practice Consulting

Health IT Information& Cyber Security Workforce Development &


Certification

NH
-
ISAC Health IT Information Security Test Bed


Audit

Management

Policy

Management

Risk

Management

Compliance

Management

Business

Continuity

Threat

Management

Incident

Response

Workforce

Education

Best Practice

Research

NH
-
ISAC

Framework

CYBERSECURITY EDUCATION


SHAPING THE FUTURE


NATIONAL INITIATIVE

FOR CYBERSECURITY EDUCATION (NICE)

A national campaign to promote cybersecurity awareness,
workforce education and digital literacy from our boardrooms to
our classrooms


building and sustaining a cybersecurity
workforce for the 21
st

century
.

This is
y
our opportunity to have a defining voice and benefit
from the resulting project education framework, curriculum, etc.

http://www.nist.gov/nice


Healthcare & Public Health CIKR Cybersecurity Education

In collaboration with NIST, US DHS, NSA, HHS, The National Healthcare Sector
Coordinating Council (HSCC), The Global Institute for Cybersecurity +
Research is leading
development of National Critical Infrastructure (CIKR) Cybersecurity Education
Frameworks. NH
-
ISAC is the lead for the Healthcare & Public Health sector.

4



NH
-
ISAC Value Proposition


NH
-
ISAC Membership

4



NH
-
ISAC Value Proposition


Who Can Join the NH
-
ISAC?

H
-
ISAC Membership is open to organizations who are in the healthcare and public health sector, are a US firm or
corporation and have been accepted by the NH
-
ISAC Board of Directors.

How is the NH
-
ISAC Funded?

The NH
-
ISAC is 100% funded through the ISAC membership model.

How do I Join the NH
-
ISAC?

Contact NH
-
ISAC directly or access the Membership Application:
http://www.nh
-
isac.org/NH
-
ISAC_Membership.html



National Health ISAC (NH
-
ISAC)

Exploration Park/Kennedy Space Center

One Spaceport Way

Cape Canaveral, FL 32902

Direct: 904
-
827
-
0290