Free internet-facing Vulnerability Scanning
Free internet-facing Vulnerability Scanning service from DHS CISA for H-ISAC members
During this critical time of our Nations’ Healthcare Sector, DHS Cybersecurity & Infrastructure Security Agency (CISA) has partnered with H-ISAC to make available a free, continuous vulnerability scanning service to assess the security of internet facing networks of any H-ISAC member organization interested in enrolling in the service.
CISA’s “Cyber Hygiene” is a Vulnerability Scanning service that helps secure internet-facing systems from weak configurations and known vulnerabilities, and encourages the adoption of modern security best practices. CISA will perform regular network and vulnerability scans and deliver a weekly report for action by the individual H-ISAC member organization.
The Cyber Hygiene service is highly automated and requires little direct interaction.
Here’s a summary of the process to get started:
- H-ISAC member sends enrollment request to CISA
- CISA will validate the request and send a scanning agreement to the H-ISAC member
- H-ISAC member completes scanning agreement and returns to CISA
- Automated scans will start within 72 hours
- H-ISAC member will begin receiving reports in 7 to 10 days (any critical findings will be delivered within one business day)
CISA will not share the scanning results without written and agreed consent from the H-ISAC member organization. CISA uses anonymized data to develop non-attributed reports for trending and analysis purposes.
For more information, please see the attached one page informational brochure.
To enroll, send an email to NCATS_INFO@hq.dhs.gov and include a cc to contact@h-isac.org so H-ISAC can confirm you are an H-ISAC member. In your email to DHS, be sure to include you are a healthcare firm with active stakes in the COVID-19 response.
[pdf-embedder url=”https://h-isac.org/tmp24/wp-content/uploads/2020/04/CyHy-Vulnerability-Scanning.pdf” title=”CyHy Vulnerability Scanning”]
- Related Resources & News
- Health-ISAC Hacking Healthcare 8-26-2024
- What is Threat Intelligence? A Comprehensive Overview
- Why Cybercriminals Target Healthcare Data and How Organisations Can Protect Themselves
- Federal Authorities Work to Boost Health-Care Cybersecurity
- Health-ISAC Hacking Healthcare 8-9-2024
- Health-ISAC Medical Device Blog – VEX
- Podcast: Health-ISAC Featured in Cyberwire Daily episode 2021
- Health-ISAC Hacking Healthcare 8-2-2024
- Protecting Healthcare Organizations with Human-Centric Email Security
- American Hospital Association and Health-ISAC Joint Threat Bulletin