Designing New Models for Better Health
Detecting Cyber Threats with ATT&CK-based Analytics
The Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK™) family of models, developed for public use by the MITRE Corporation, provides a methodology for characterizing and describing the actions an adversary may take while operating on specific platforms within an enterprise network. This HIMSS18 session by Denise Anderson, NH-ISAC and Julie Connolly, MITRE explains the ATT&CK family models in detail and describes the healthcare ATT&CK-based analytic developments.
Managing Medical Device Cybersecurity Vulnerabilities
Medical device cybersecurity continues to evolve. This HIMSS18 presentation by session by Seth Carmody, PhD (FDA) and Penny Chase, MITRE characterizes the initiatives such as development of a Common Vulnerability Scoring System (CVSS) rubric, as well as the relevant FDA and community roles, in helping to realize safer, more secure device clinical operation and use.
Creating Practical Cybersecurity Guidance for PACS
NIST’s Applied Cybersecurity Division Chief Kevin Stine alongside Cybersecurity Researcher Kevin Littlefield discuss the newest healthcare sector project, Securing Picture Archiving and Communication System (PACS) in this HIMSS18 presentation.
APM Framework and related work products and presentations
HHS launched the Health Care Payment Learning & Action Network (LAN) to help advance the work being done across sectors to increase the adoption of value-based payments and alternative payment models (APMs).
Health Care Payment Learning and Action Network
Traditionally, America’s healthcare system rewards quantity over quality of care. The Learning Action Network is a public-private partnership committed to a healthcare system that delivers better care, spends dollars more wisely, and results in healthier people.
Principles for a Framework for Alternative Payment Models
The way physicians, hospitals, and other health care professionals are paid influences patient care because payment methods affect business models that clinicians and health care facilities use to prioritize investments, establish infrastructure, and design care processes.
The Evolving State of Medical Device Cybersecurity
To advance patient care, medical devices are becoming increasingly connected and interoperable. Stakeholders across the healthcare sector mustunderstand the importance of medical device cybersecurity for protecting patient safety, provider networks, and the sensitive data that they access.
What is MITRE’s ATT&CK framework? What red teams need to know
The ATT&CK framework breaks down and classifies attacks in a consistent and clear manner that can make it easier to compare and contrast them to find how the attacker exploited your networks and endpoints and penetrated your network.
Report on Improving Cybersecurity in the Healthcare Industry 2017
The Cybersecurity Act of 2015 provided a much needed opportunity to convene public and private sector subject matter experts to spend the last year discussing and developing recommendations on the growing challenge of cyber attacks targeting health care....
Do you have expertise and want to help?
By working through these challenges together across government, public and private entities, and academia, we can solve problems for a safer world.