H-ISAC TLP White Announcement Joint Release of Health Industry Cybersecurity Practices (HICP) 2023 and Supplements

April 24, 2023

On April 17, 2023, the Healthcare and Public Health Sector Coordinating Council (HSCC) and the U.S. Department of Health and Human Services (HHS) issued a joint release titled Health Industry Cybersecurity Practices (HICP) 2023.  The release is an update to the flagship 2019 publication.

Please find the PDF version of the  attached for easy access. The 2023 HICP, along with additional details and resources, are available here:  

In addition to the 2023 HICP, please find attached  which assesses the adversarial methods threat actors are leveraging to gain access to hospital systems and compares that benchmark to current hospital cybersecurity protections.  

The Hospital Resiliency Landscape Analysis publication is the result of the leadership and collaboration of Health-ISAC, the HPH Joint Cybersecurity Working Group, the Health Sector Coordinating Council (HSCC), and the 405(d) Steering Committee, and the 405(d) Task Group. 

Lastly, please review the  cybersecurity education platform that includes multiple delivery methodologies to reach various-sized healthcare facilitiesThe platform includes five cybersecurity training courses that align with the top five cybersecurity threats outlined in the HICP. View the detailed report below.

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272