Designing New Models for Better Health
The Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK™) family of models, developed for public use by the MITRE Corporation, provides a methodology for characterizing and describing the actions an adversary may take while operating on specific platforms within an enterprise network. This HIMSS18 session by Denise Anderson, NH-ISAC and Julie Connolly, MITRE explains the ATT&CK family models in detail and describes the healthcare ATT&CK-based analytic developments.
Medical device cybersecurity continues to evolve. This HIMSS18 presentation by session by Seth Carmody, PhD (FDA) and Penny Chase, MITRE characterizes the initiatives such as development of a Common Vulnerability Scoring System (CVSS) rubric, as well as the relevant FDA and community roles, in helping to realize safer, more secure device clinical operation and use.
NIST’s Applied Cybersecurity Division Chief Kevin Stine alongside Cybersecurity Researcher Kevin Littlefield discuss the newest healthcare sector project, Securing Picture Archiving and Communication System (PACS) in this HIMSS18 presentation.
HHS launched the Health Care Payment Learning & Action Network (LAN) to help advance the work being done across sectors to increase the adoption of value-based payments and alternative payment models (APMs).
Traditionally, America’s healthcare system rewards quantity over quality of care. The Learning Action Network is a public-private partnership committed to a healthcare system that delivers better care, spends dollars more wisely, and results in healthier people.
The way physicians, hospitals, and other health care professionals are paid influences patient care because payment methods affect business models that clinicians and health care facilities use to prioritize investments, establish infrastructure, and design care processes.
To advance patient care, medical devices are becoming increasingly connected and interoperable. Stakeholders across the healthcare sector mustunderstand the importance of medical device cybersecurity for protecting patient safety, provider networks, and the sensitive data that they access.
The ATT&CK framework breaks down and classifies attacks in a consistent and clear manner that can make it easier to compare and contrast them to find how the attacker exploited your networks and endpoints and penetrated your network.
The Cybersecurity Act of 2015 provided a much needed opportunity to convene public and private sector subject matter experts to spend the last year discussing and developing recommendations on the growing challenge of cyber attacks targeting health care....
Do you have expertise and want to help?
By working through these challenges together across government, public and private entities, and academia, we can solve problems for a safer world.