Resource Library

TitleSummaryLast ModifiedRolePhaseResource TypeOrgOrg Typehf:tax:rolehf:tax:nist_phasehf:tax:resource_typehf:tax:resource_orghf:tax:resource_source
#StopRansomware: Hive Ransomware

Cybersecurity & Infrastructure Security Agency (CISA) Alert (AA22-321A); Uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework to describes the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the Healthcare and Public Health (HPH).

November 30, 2022, , , , it-cybersecurity-practitioner technical-leaderidentify protect respondadvisory doccisagovernment
Ransomware Techniques in ATT&CK

List of ransomware techniques, software, and groups that are presently documented in MITRE ATT&CK.

September 30, 2022, , , it-cybersecurity-practitioner technical-leaderidentify protect respondtoolmitrenon-profit
11 Strategies of a World-Class Cybersecurity Operations Center

MITRE’s Ten Strategies of a World-Class CSOC book, describing detailed strategies, including how they crosscut elements of people, process, and technology to build, manage, and improve the CSOC.

September 23, 2022, , , , , it-cybersecurity-practitioner technical-leaderdetect identify protect respondbest-practice docmitrenon-profit
Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients

Resources that provide Health Industry Cybersecurity Best Practices: Managing Threats and Protecting Patients (HICP).

September 23, 2022technical-leaderprotectbest-practicehhsgovernment
The MITRE Systems Engineering Guide

MITRE Systems Engineering Guide, or SEG, conveys The MITRE Corporation’s accumulated wisdom on a wide range of systems engineering subjects—sufficient for understanding the essentials of the discipline and for translating this knowledge into practice in your own work environment.

September 21, 2022, , , it-cybersecurity-practitioner technical-leaderbest-practice book docmitrenon-profit
CISA Fact Sheet Rising Ransomware Threat to OT Assets

Recommended actions and resources that critical infrastructure entities should implement to reduce the risk ransomware.

September 21, 2022, , it-cybersecurity-practitioner technical-leaderprotect respondfact-sheetcisagovernment
Cyber Threat Intelligence

Resources that provide insight for organizations to the latest threats and understanding the adversary.

September 21, 2022, , , , , , , it-cybersecurity-practitioner technical-leaderidentify protectadvisory doc website-articlecisa mitre nistgovernment non-profit
Designing Cyber Resilient Systems (NIST SP 800-160 Vol. 2)

A Systems Security Engineering Approach; which defines cyber resiliency as the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on cyber resources.

September 21, 2022, , it-cybersecurity-practitioner technical-leaderprotectbest-practice docnistgovernment
HHS 405(d) Aligning Health Care Industry Security Approaches

Provides industry-led consensus-based guidelines, practices, and methodologies that aim to raise awareness, provide vetted cybersecurity practices, and move organizations towards consistency in mitigating the current most pertinent cybersecurity threats to the HPH sector

September 21, 2022, , , , , , business-leader it-cybersecurity-practitioner technical-leaderdetect identify protect recover respondwebsitehhsgovernment
Crown Jewels Analysis (CJA)

Crown Jewels Analysis (CJA) is a process for identifying those cyber assets that are most critical to achieve an organization’s key objectives and enable organizations to prioritize and apply limited resources effectively for cyber resiliency during a major cyber attack.

September 19, 2022, , business-leaderidentifycybersecurity-assessment doc toolmitrenon-profit
Hive Ransomware

Hive is an exceptionally aggressive, financially-motivated ransomware group known to maintain sophisticated capabilities who have historically targeted healthcare organizations frequently. The Health Sector Cybersecurity Coordination Center (HC3) recommends the Healthcare and Public Health (HPH) Sector be aware of their operations and apply appropriate cybersecurity principles and practices found in this document in defending their infrastructure and data against compromise.

May 17, 2022, , , , business-leader it-cybersecurity-practitioner technical-leaderidentify protectanalyst-note reporthhsgovernment
NISTIR 8374- Ransomware Risk Management: A Cybersecurity Framework Profile

Incorporates feedback from earlier drafts and is based on the broader Cybersecurity Framework Version 1.1. It can be used as a guide to manage the risk of ransomware events—which includes helping to gauge an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events.

March 1, 2022, , , , , , business-leader it-cybersecurity-practitioner technical-leaderdetect identify protect recover responddocnistnon-profit
Threat-Informed Cybersecurity Operations for Healthcare Delivery Organizations

A Guide to Maturing Cyber Defense Capabilities For HDO.

November 29, 2021, , business-leader it-cybersecurity-practitioner technical-leaderidentifydocmitrenon-profit
Cyber Operations Rapid Assessment (CORA)

A lightweight assessment tool used to evaluate your overall cybersecurity operations and infrastructure.

November 29, 2021, , business-leader technical-leaderidentifydoc toolmitrenon-profit
Deploy Cyber Analytics

A knowledge base of analytics developed by MITRE based on the MITRE ATT&CK adversary model.

November 5, 2021it-cybersecurity-practitionerdetectdocmitrenon-profit
Detect Cyber Events

An overview of how to set the scene for detection, and how to collect the right data points.

August 29, 2021it-cybersecurity-practitionerdetectdocmitrenon-profit
CISA Ransomware Resource Hub

A collection of CISA cybersecurity services can that help organization identify, protect and respond to the ransomware threat.

July 19, 2021, , , , , , , business-leader it-cybersecurity-practitioner technical-leaderidentify protect respondbest-practice doc training website-articlecisagovernment
Design Defenses

NIST Reference designs that focuses on detailed methods and potential tool sets that can detect, mitigate, and contain data integrity events in the components of an enterprise network.

July 15, 2021, , , , , , , it-cybersecurity-practitioner technical-leaderdetect identify protect recover respondbest-practice doc website-articlenistgovernment
Rubric for Applying CVSS to Medical Devices

The CVSS Rubric consists of a structured set of questions and corresponding decision flow diagrams, along with medical device specific examples and guidance, to help assess a medical device vulnerability in a consistent and standardized way.

July 7, 2021, it-cybersecurity-practitioner technical-leaderidentifydocmitrenon-profit
Zero Trust Architecture (ZTA)

The ZTA Tech Watcher report explores the state of the technology today and provides background, applicability and benefits to organizations, outstanding challenges and issues, and recommendations.

July 6, 2021, , business-leader it-cybersecurity-practitioner technical-leaderprotectdocmitrenon-profit
Data Integrity: Recovering from Ransomware and Other Destructive Events

Reference designs that uses commercially available technologies to develop solutions that could assist an organization in recovering from ransomware or other destructive events.

June 4, 2021, , , it-cybersecurity-practitioner technical-leaderrecover respondbest-practice website-articlenistgovernment
Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events

Reference designs that uses commercially available technologies to develop solutions that could assist an organization in identifying and protecting critical assets against ransomware or other destructive events.

June 4, 2021, , it-cybersecurity-practitioner technical-leaderidentify protectbest-practicenistgovernment
Incident Preparedness and Response

Incident preparedness and response considerations that can help health delivery organizations (HDOs) and other stakeholders understand the roles and responsibilities before, during, and after a cyber incident.

June 4, 2021, , , , , , business-leader technical-leaderdetect identify protect recover responddoc website-articlemitrenon-profit
Health Information Sharing and Analysis Center (H-ISAC)

H-ISAC, Health Information Sharing and Analysis Center, is a global, non-profit, member-driven organization offering healthcare stakeholders a trusted community and forum for coordinating, collaborating and sharing vital physical and cyber threat intelligence and best practices with each other.

June 4, 2021, , , it-cybersecurity-practitioner technical-leaderprotectinformation-sharing threat-intel website-articlehealth-isacnon-profit
Ransomware What It Is and What To Do About It

Cybersecurity & Infrastructure Security Agency (CISA) overview on ransomware, what it is and what to do about it.

June 4, 2021, it-cybersecurity-practitioner technical-leaderprotectfact-sheetcisagovernment
CISA Cyber Resource Hub

A collection of CISA cybersecurity services can that help the broader cybersecurity community gain visibility with vulnerability trends, adversarial activities and, effective mitigations for better protection of their networks.

June 4, 2021, , , , , , business-leader it-cybersecurity-practitioner technical-leaderidentify protectcybersecurity-assessment doc tool website-articlecisagovernment
Principles and Practices for Medical Device Cybersecurity

International Medical Device Regulators Forum guidance document providing general principles and best practices
to facilitate international regulatory on medical device cybersecurity from pre-market to post-market.

June 4, 2021, , , , , business-leader technical-leaderdetect identify protect recover respondbest-practiceinternational-medical-device-regulators-forumnon-profit
Webinar: Combating Ransomware

CISA Webinar: Provides technical overview of prevalent ransomware actors, their targets, and provides recommendations on how organization could defend against the threat.

June 4, 2021, it-cybersecurity-practitioner technical-leaderprotectvideocisagovernment
User Awareness Training

An overview of how to establish a User Awareness Training program. The EARNEST Practice helps educate End Users to be effective Cyber Sensors.

June 4, 2021, , , , business-leader technical-leaderdetect protectbest-practice doc white-papermitrenon-profit
US Computer Emergency Response Team (US-CERT)

US-CERT is responsible for analyzing and reducing cyber threats, vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities.

June 4, 2021, , business-leader it-cybersecurity-practitioner technical-leaderprotectadvisorycisagovernment
Stop that Phish

Learn what phishing is and how you can spot and stop these attacks, regardless if you are at work or at home.

June 4, 2021it-cybersecurity-practitionerprotectfact-sheetsansnon-profit
SEI Cyber Minute: Mitigating Ransomware

In this Software Engineering Institute (SEI) Cyber Minute, Rotem Guttman discusses “Mitigating Ransomware.

June 4, 2021, , business-leader it-cybersecurity-practitioner technical-leaderdetectvideoseieducation
Security Primer – Ransomware

Center for Internet Security white paper on ransomware.

June 4, 2021, , business-leader technical-leaderidentify protectdoccisnon-profit
SANS: Internet Storm Center (ISC)

SANS Internet Storm Center provides free analysis and warning service to thousands of Internet users and organizations.

June 4, 2021, , it-cybersecurity-practitioner technical-leaderidentifyfact-sheet information-sharingsanseducation
Rubric for Applying CVSS to Medical Devices

MITRE developed a rubric that provides guidance for how an analyst can utilize CVSS as part of a risk assessment for a medical device.

June 4, 2021, , , it-cybersecurity-practitioner technical-leaderidentifycybersecurity-assessment doc toolmitrenon-profit
Ransomware: Facts, Threats, and Countermeasures

Center for Internet Security blog on ransomware facts, threat and countermeasures.

June 4, 2021, it-cybersecurity-practitioner technical-leaderprotectfact-sheetcisnon-profit
Ransomware Protection and Response

NIST resources on tips and tactics for preparing your organization for ransomware attacks.

June 4, 2021, , , , business-leader it-cybersecurity-practitioner technical-leaderprotect respondfact-sheet videonistgovernment
Ransomware Guidance and Resources

Collection of Cybersecurity & Infrastructure Security Agency (CISA) ransomware guidance and resources.

June 4, 2021, , business-leaderbest-practice fact-sheet website-articlecisagovernment
Ransomware and HIPAA Fact Sheet

Health and Human Services Ransomware and HIPAA fact sheet.

June 4, 2021, , , business-leader it-cybersecurity-practitioner technical-leaderprotectdoc fact-sheethhsgovernment
Ransomware and Breach

Health and Human Services Office for Civil Rights presentation on Ransomware prevention, recovery and breach risk assessment.

June 4, 2021, , it-cybersecurity-practitioner technical-leaderprotect recoverdochhsgovernment
Ransomware Activity Targeting the Healthcare and Public Health Sector

Cybersecurity & Infrastructure Security Agency (CISA) Alert (AA20-302A); Uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework to describes the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the Healthcare and Public Health (HPH).

June 4, 2021, , it-cybersecurity-practitioner technical-leaderadvisory doccisagovernment
Protecting Data from Ransomware and Other Data Loss Events

National Institute of Standards and Technology (NIST) white paper providing recommendation to help managed service providers (MSPs) protecting data from ransomware and other data loss events.

June 4, 2021, , it-cybersecurity-practitioner technical-leaderprotectbest-practice docnistgovernment
Protecting Against Ransomware

Cybersecurity & Infrastructure Security Agency (CISA) security time (ST19-001); protecting against ransomware.

June 4, 2021, , , , business-leader it-cybersecurity-practitioner technical-leaderprotect respondbest-practice website-articlecisagovernment
Podcast Interview: Cyber and Supply Chain Threats to the Health Care Sector

Matthew Halvorsen, Strategic Program Director for NCSC’s Supply Chain and Cyber Directorate, recently sat down with Gregory Garcia, the Executive Director for Cybersecurity of the Health Sector Coordinating Council, for an audio interview on current threats to the health care sector.

June 4, 2021, , business-leader it-cybersecurity-practitioner technical-leaderpodcastoffice-of-the-director-of-national-intelligencegovernment
No-Cost Malicious Domain Blocking and Reporting for U.S. Hospitals

Overview of the Center for Internet Security® (CIS®), Malicious Domain Blocking and Reporting (MDBR) service offering to all public and private hospitals and related healthcare organizations in the United States. This service provides an additional layer of cybersecurity protection that is proven, effective, and easy to deploy.

June 4, 2021, technical-leaderidentify protectmanaged-servicecisnon-profit
NIST Cybersecurity Framework

The National Institute of Standards and Technology (NIST) Cybersecurity Framework is voluntary guidance intended to help organizations to better manage and reduce cybersecurity risk.

June 4, 2021, , , , , , , business-leader it-cybersecurity-practitioner technical-leaderdetect identify protect recover respondbest-practice website-articlenistgovernment
MS-ISAC Ransomware Guide

Ransomware best practices and recommendations are based on operational insight from the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC).

June 4, 2021, , , , , it-cybersecurity-practitioner technical-leaderdetect protect recover respondbest-practice doccisagovernment
Locked Out: Tackling Australia’s ransomware threat

​​​Industry Advisory Committee paper presents real case studies and provides advice on how all Australians can best protect themselves from ransomware attacks.​ The advice is applicable to any country.

June 4, 2021, , , , , , business-leader it-cybersecurity-practitioner technical-leaderdetect identify protectadvisory docaustralian-government department-of-home-affairsgovernment
Laws and Regulations Enforced by OCR

Laws and regulations that apply to programs, services, and activities receiving HHS Federal financial assistance.

June 4, 2021, business-leader technical-leaderpolicy-regulationhhsgovernment
INSIGHTS Ransomware Outbreak

Three steps any organization can take to manage their risk against ransomware.

June 4, 2021, , , , business-leader technical-leaderdetect protect recoveradvisory doccisagovernment
How to Protect Your Networks from Ransomware

Document that provides an aggregate of already existing Federal government and private industry best practices and mitigation strategies focused on the prevention and response to ransomware incidents.

June 4, 2021, , , it-cybersecurity-practitioner technical-leaderprotect respondadvisory docfbigovernment
How to Address the Threat of Ransomware Attacks

Educational video on how to address the threat of ransomware attacks.

June 4, 2021, , , , business-leader it-cybersecurity-practitioner technical-leaderdetect protect respondvideocisagovernment
Health Sector Cybersecurity Coordination Center (HC3) Homepage

A collection of Health Sector Cybersecurity Coordination Center (HC3) resources to aid in the protection of vital, healthcare-related controlled information and ensure that cybersecurity information sharing is coordinated across the Health and Public Health Sector (HPH).

June 4, 2021, it-cybersecurity-practitioner technical-leaderprotectinformation-sharinghhsgovernment
Health Sector Coordinating Council

Report which examines cybersecurity threats and vulnerabilities that affect the healthcare industry. It explores (5) current threats and presents (10) practices to mitigate those threats.

June 4, 2021, , business-leader technical-leaderprotectbest-practice website-articlehsccnon-profit
Health Care Industry Cybersecurity Task Force

Health Care Industry Cybersecurity Task Force report detailing findings on cybersecurity risk facing the healthcare industry.

June 4, 2021, business-leader technical-leaderfact-sheetphegovernment
FBI: InfraGard Portal

InfraGard connects owners and operators within critical infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emerging technologies and threats.

June 4, 2021, , , , business-leader it-cybersecurity-practitioner technical-leaderidentify protectinformation-sharing threat-intelfbigovernment
FBI Watch – TLP:WHITE Report

FBI bulletin containing 16 Conti ransomware attacks targeting US healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year.

June 4, 2021, , business-leader it-cybersecurity-practitioner technical-leaderprotectadvisoryfbinon-profit
Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events

Reference designs that uses commercially available technologies to develop solutions that could assist an organization in detecting and responding against ransomware or other destructive events.

June 4, 2021, , it-cybersecurity-practitioner technical-leaderdetect respondbest-practicenistgovernment
Cybersecurity Toolkit for Digital Health

An educational resource for digital health companies at all stages of growth on both the fundamentals and best practices for cybersecurity and privacy protection.

June 4, 2021, , , , business-leader it-cybersecurity-practitioner technical-leaderdetect protectbest-practice website-articlemass-digital-healthnon-profit
Cybersecurity Maturity Models

An overview of three Cybersecurity Maturity Models that can be used by an organization to baseline their current capabilities against best practices.

June 4, 2021, , , , business-leader technical-leaderidentify protectbest-practice cybersecurity-assessment dochhsgovernment
Cyber Tabletop Exercises

Cyber Tabletop Exercises (TTX) are a way to evaluate your cyber response plan with scenarios that identify gaps between what you’ve planned for and what can actually happen, practice roles and responsibilities, and improve communications throughout organizations.

June 4, 2021, business-leaderrecover responddocmitrenon-profit
Cyber Security Guidance Material

Educational materials specifically designed to give HIPAA covered entities and business associates insight into how to respond to a cyber-related security incidents.

June 4, 2021, , , , , , , business-leader technical-leaderdetect identify protect recover respondadvisory doc website-articlehhsgovernment
Cyber Resiliency

Resources that provide and overview of Cyber Resiliency and its implementation.

June 4, 2021, technical-leaderprotectcybersecurity-assessment docmitrenon-profit
Cyber Resilience Review (CRR)

CRR is a no-cost, voluntary, non-technical assessment to evaluate an organization’s operational resilience and cybersecurity practices.

June 4, 2021, , , , , business-leader technical-leaderidentify recover respondcybersecurity-assessment doc website-articlecisagovernment
Cyber Attack Checklist

Steps for a HIPAA covered entity or its business associate (the entity) to take in response to a cyber-related security incident.

June 4, 2021, , , business-leader technical-leaderrecover respondadvisory dochhsgovernment
Cyber Assessments

An overview of Cyber Assessments methods to bolster an organization’s ability to identify, protect, and detect cyber threats.

June 4, 2021, , , technical-leaderdetect identify protectcybersecurity-assessment docmitrenon-profit
Common Vulnerability Scoring System Special Interest Group (SIG)

The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity. The score can help organizations properly assess and prioritize their vulnerability management processes.

June 4, 2021, , it-cybersecurity-practitionerprotectdoc training website-articlefirstgovernment
Common Vulnerabilities and Exposures (CVE)

CVE® is a list of records—each containing an identification number, a description, and at least one public reference—for publicly known cybersecurity vulnerabilities.

June 4, 2021, , , it-cybersecurity-practitioneridentifydoc tool website-articlemitregovernment non-profit
Combating Ransomware: A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force

A comprehensive strategic framework and recommendations for tackling the dramatically increasing and evolving threat of ransomware.

June 4, 2021, , , , business-leaderprotect recover respondadvisory best-practice docinstitute-for-security-and-technologynon-profit
CISA, MS-ISAC, NGA & NASCIO Recommend Immediate Action To Safeguard Against Ransomware Attacks

Best practice outlining three steps to resilience against ransomware for State and Local Partners.

June 4, 2021, , it-cybersecurity-practitioner technical-leaderidentify protectbest-practicecisagovernment
Caldera

CALDERA™ is a cybersecurity framework designed to easily run autonomous breach-and-simulation exercises. It can also be used to run manual red-team engagements or automated incident response.

May 17, 2021, , it-cybersecurity-practitioner technical-leaderidentifycybersecurity-assessment toolmitrenon-profit

Pin It on Pinterest

Share This