cybersecurity presentation cnet finalcnectgpo.com/.../2019/07/cybersecurity-presentation... ·...

© 2019. All rights reserved. | Premier Inc. Cybersecurity Overview Jason Ferri Senior Director I.T. Strategic Supplier Engagement/Portfolio Advisor Email [email protected] Phone – 610-906-7337

Post on 27-Jun-2020

Page 1: Cybersecurity Presentation CNET FINALcnectgpo.com/.../2019/07/Cybersecurity-Presentation... · E-Mail Phishing Attack –Threat Quick Tips Reference Document -Health Industry Cybersecurity

Cybersecurity Overview

Jason Ferri

Senior Director

I.T. Strategic Supplier Engagement/Portfolio Advisor

Email – [email protected] | Phone – 610-906-7337

Agenda

§ Worldwide Threat Assessment

§ HHS Top Security Threats

§ HHS Resources Available

§ Premier Cybersecurity Update

§ Member Communications

§ Cybersecurity Community

§ Open Discussion….

Key Takeaways…

1. Cybersecurity Best Practices for 5 Current Threats

  § Email Phishing

  § Ransomware

  § Loss or Theft of Equipment/Data

  § Data Loss

  § Attacks on Medical Devices

2. Resources Available

  § HHS Document Links

3. Premier Responsiveness:

  § Security Content Alerts to Membership

  § PremierConnect Cybersecurity Community

Cybersecurity – Why Is This Important?

Worldwide Threat Assessment Excerpts (2019)

§ Worldwide Threat Assessment (US Intelligence Community) by Daniel R. Coats (Director of National Intelligence)

§ Document covers the following global threats:

  § Cyber

  § Online Influence Operations and Election Interference

  § Weapons of Mass Destruction and Proliferation

  § Terrorism

  § Counterintelligence

  § Emerging and Disruptive Technologies / Threats to Economic Competitiveness

  § Space and Counterspace

  § Transnational Organized Crime

  § Economics and Energy

  § Human Security

Cyber – Worldwide Threat Assessment

§ China, Russia, Iran, and North Korea increasingly use cyber operations to threaten both minds and machines in an expanding number of ways—to steal information, to influence our citizens, or to disrupt critical infrastructure

§ China and Russia pose the greatest espionage and cyber attack threats, but we anticipate that all our adversaries and strategic competitors will increasingly build and integrate cyber espionage, attack, and influence capabilities into their efforts to influence US policies and advance their own national security interests

§ China

  § China remains the most active strategic competitor responsible for cyber espionage against the US Government, corporations, and allies

  § Beijing will authorize cyber espionage against key US technology sectors

  § China has the ability to launch cyber attacks that cause localized, temporary disruptive effects on critical infrastructure—such as disruption of a natural gas pipeline for days to weeks

§ Russia

  § Russian intelligence and security services will continue targeting US information systems, as well as the networks of our NATO and Five Eyes partners, for technical information, military plans, and insight into our governments’ policies

  § Russia has the ability to execute cyber attacks in the United States that generate localized, temporary disruptive effects on critical infrastructure—such as disrupting an electrical distribution network for at least a few hours

§ Iran

  § Iranian cyber actors are targeting US Government officials, government organizations, and companies to gain intelligence and position themselves for future cyber operations

  § Iran has been preparing for cyber attacks against the United States and our allies. It is capable of causing localized, temporary disruptive effects—such as disrupting a large company’s corporate networks for days to weeks

§ North Korea

  § North Korea continues to use cyber capabilities to steal from financial institutions to generate revenue

§ Pyongyang’s cybercrime operations include attempts to steal more than $1.1 billion from financial institutions across the world—including a successful cyber heist of an estimated $81 million from the New York Federal Reserve account of Bangladesh’s central bank

Industry-Led Activity to Improve Cybersecurity in the Healthcare and Public Health (HPH) Sector

WHAT IS THE 405(d) EFFORT?

An industry-led process to develop consensus-based guidelines, practices, and methodologies to strengthen the HPH-sector’s cybersecurity posture against cyber threats.

HOW WILL 405(d) ADDRESS HPH CYBERSECURITY NEEDS?

With a targeted set of applicable & voluntary guidance that seeks to cost-effectively reduce the cybersecurity risks of healthcare organizations.

WHO IS PARTICIPATING?

The 405(d) Task Group is convened by HHS and comprised of over 150 information security officers, medical professionals, privacy experts, and industry leaders.

WHY IS HHS CONVENING THIS EFFORT?

To strengthen the cybersecurity posture of the HPH Sector, Congress mandated the effort in the Cybersecurity Act of 2015 (CSA), Section 405(d).

Top 5 Security Threats

1. Email Phishing

2. Ransomware

3. Loss or Theft of Equipment/Data

4. Data Loss

5. Attacks on Medical Devices

E-Mail Phishing Attack – Threat Quick Tips

Reference Document - Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (page 16-17)

Billing Issue

Dear [email protected], Due to a problem with your card, we have been unable to charge your account. Your Apple ID are currently locked. If you don't update your billing information, your Apple ID will be locked. You can unlock your Apple ID after you update billing information. Regards, Apple Support

Ransomware Attack – Threat Quick Tips

Reference Document - Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (page 18-19)

Loss or Theft of Equipment or Data – Threat Quick Tips

Reference Document - Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (page 20-21)

Insider, Accidental or Intentional Data Loss – Threat Quick Tips

Reference Document - Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (page 22-23)

Medical Device Attacks – Threat Quick Tips

Reference Document - Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (page 24-25)

10 Best Practices Document Overview

The document identifies ten (10) practices, which are tailored to small, medium, and large organizations and discussed in further detail in the technical

Reference Document - Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (page 28,30)

Resources Available

HHS Documents Overviewed Today:

The Main Document discusses the current cybersecurity threats facing the health care industry. It sets forth a call to action for the health care industry, especially executive decision makers, with the goal of raising general awareness of the issue.

Technical Volume 1 discusses the 10 Cybersecurity Practices (herein called Practices) and Sub-Practices for small health care organizations. It is intended for IT and/or IT security professionals and serves to guide organizations on what to ask their IT and/or IT security teams or vendors.

Technical Volume 2 discusses the 10 Cybersecurity Practices (herein called Practices) and Sub-Practices for medium-sized and large health care organizations. It is intended for IT and/or IT security professionals

Premier Update

Communicating to Members

§ Email Communications:

  § Security Alerts to Members

  § GPO Product Specific

  § General Awareness

§ Member Presentations:

  § Puerto Rico Webinar on Disaster Preparedness and Cyber Security

  § CNECT Member Presentation

§ Cyber Security Content

§ Disaster Preparedness and Response Community

Cybersecurity Community

Key Takeaways…

1. Cybersecurity Best Practices for 5 Current Threats

  § Email Phishing

  § Ransomware

  § Loss or Theft of Equipment/Data

  § Data Loss

  § Attacks on Medical Devices

2. Resources Available

  § HHS Document Links

3. Premier Responsiveness:

  § Security Content Alerts to Membership

  § PremierConnect Cybersecurity Community

Open for Questions…