This joint CSA to provides information on Black Basta, a ransomware variant whose actors have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.

CISA, in partnership with the FBI, HHS, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) #StopRansomware: Black Basta to provide cybersecurity defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) used by known Black Basta ransomware affiliates and identified through FBI investigations and third-party reporting.

Version 2 of the National Cybersecurity Strategy Implementation Plan (NCSIP)outlines actions the Federal Government is taking to improve U.S. National Cybersecurity posture. This updated roadmap describes 100 high-impact Federal initiatives, each intended to substantively increase our collective digital security and systemic resilience.

This next phase of the NCSIP follows the progress to date and displays the Administration's commitment to transparency and accountability as the National Cybersecurity Strategy is implemented.Highlights of the Version 2 of the National Cybersecurity Strategy Implementation Plan (NCSIP) are included in this fact sheet.

These CPGs are a voluntary subset of cybersecurity practices that healthcare organizations, and healthcare delivery organizations in particular, can prioritize to strengthen cyber preparedness, improve cyber resiliency, and ultimately protect patient health information and safety.

Developed to help organizations establish a strong cybersecurity program or validate the effectiveness of an existing program, this guide helps organizations map their existing program to the NIST Cybersecurity Framework, identify improvements, and communicate results. This guide was developed to incorporate and align with processes and tools currently in use or under consideration.

Overview of HHS recommendations to help the health care and public health sector address cyber threats.

This plan outlines a path for achieving two significant changes: the need for more capable actors in cybersecurity and the need to increase incentive to make investments in long-term resilience.

Featuring recommendations and best practices to prepare for and fight against cybersecurity threats that can impact patient safety, this document outlines the top threats facing the HPH Sector. It has been developed with all stakeholders in mind; organizations from small to large can benefit from the resources and best practices provided in the main document and additional two technical volumes.

Focuses on the effects of a cyber incident on the health care operational environment; one that impacts the ability to effectively care for patients and maintain business practices and readiness during such an event. It covers many strategies and principles relevant to a range of cybersecurity incidents and health care facilities included disruptions associated with a large-scale cyberattack.