TLP White 2024 Health-ISAC Discussion Based Exercise Series After-Action Report

Executive Summary

From March to November 2024, Health-ISAC held ten workshops as part of the Discussion Based Exercise Series, involving over 100 member organizations, potential members, and strategic partners. Each three-hour exercise focused on a ransomware scenario, with participants discussing updates and sharing best practices, experiences, and recommendations. The exercises aimed to explore opportunities for enhancing security and resilience in the health sector. Variations in the scenarios and discussions catered to the diverse participants, encouraging active engagement. Observations from these exercises have been compiled into the following categories to guide continuous improvement in cybersecurity and preparedness, ultimately fostering greater resilience in the health sector.

  • Employee Training and Awareness
  • Credential and Network Vulnerability Mitigation
  • Attack Vectors and Mitigation Strategies
  • Ransom Payment
  • Intelligence and Outreach
  • Scope of Breach
  • Legal and Public Affairs
  • Release of ePHI Data
  • Public Confidence
  • Chain of Custody
  • Law Enforcement
  • Strategies for Resiliency

This report provides a brief summary of the full 2024 Health-ISAC Discussion Based Exercise Series After-Action Report (AAR) that Health-ISAC members received on February 6, 2025. Health-ISAC members can retrieve the full report in the Health-ISAC Threat Intelligence Portal (HTIP).  

For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:

John Riggi

National Advisor for Cybersecurity and Risk, AHA

jriggi@aha.org

(O) +1 202 626 2272