Official websites use .gov
A .gov website belongs to an official government organization in the United
States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely
connected to the .gov website. Share sensitive information only on official, secure websites.
This joint CSA to provides information on Black Basta, a ransomware variant whose actors have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.
CISA, in partnership with the FBI, HHS, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) #StopRansomware: Black Basta to provide cybersecurity defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) used by known Black Basta ransomware affiliates and identified through FBI investigations and third-party reporting.
Version 2 of the National Cybersecurity Strategy Implementation Plan (NCSIP)outlines actions the Federal Government is taking to improve U.S. National Cybersecurity posture. This updated roadmap describes 100 high-impact Federal initiatives, each intended to substantively increase our collective digital security and systemic resilience.
This next phase of the NCSIP follows the progress to date and displays the Administration's commitment to transparency and accountability as the National Cybersecurity Strategy is implemented.Highlights of the Version 2 of the National Cybersecurity Strategy Implementation Plan (NCSIP) are included in this fact sheet.
These CPGs are a voluntary subset of cybersecurity practices that healthcare organizations, and healthcare delivery organizations in particular, can prioritize to strengthen cyber preparedness, improve cyber resiliency, and ultimately protect patient health information and safety.
Developed to help organizations establish a strong cybersecurity program or validate the effectiveness of an existing program, this guide helps organizations map their existing program to the NIST Cybersecurity Framework, identify improvements, and communicate results. This guide was developed to incorporate and align with processes and tools currently in use or under consideration.
With a focus on Innovation Capital protection, this resource can help security and risk practitioners protect their systems at any stage of their information protection program's maturity.
This risk assessment toolhelps your organization ensure it is compliant with HIPAA's administrative, physical, and technical safeguards. It also helps reveal areas where your organization's protected health information could be at risk. Designed for medium and small providers.
