Joint Commission collecting, sharing CISA educational resources on cybersecurity

Editor's Note

The Joint Commission on July 13 announced via its blog Dateline @ TJC that it has partnered with the Cybersecurity & Infrastructure Security Agency (CISA) to compile and make available several CISA educational resources and tools on cybersecurity at no cost to healthcare providers.

These include:

• A template provided by CISA as part of its Stop Ransomware guide that allows healthcare organizations to create customized plans to respond to a ransomware attack.
• A comprehensive guide as part of a collaboration between CISA and the Multi-State Information Sharing & Analysis Center that provides cybersecurity prevention practices and a checklist to counsel healthcare organizations through the necessary steps of preventing ransomware attacks.
• A webinar, titled Pragmatic Cyber Security Webinar, from CISA that provides information on how facilities should prevent, manage, and respond to any cyberattack.
• A self-evaluation called Ransomware Readiness Assessment CSET v10.3 to determine individual readiness of different types of cybersecurity risks.
• A “routinely updated” list of known software vulnerabilities being exploited by hackers, accessible here.
• A CISA-guided service called Cyber Hygiene Services that performs vulnerability scanning, web application scanning, and phishing campaign assessment.

According to the Dateline @ TJC release, there was a 70% increase in hacks and information breaches in the first half of 2022 compared to the same period in 2021; and in 2021, 66% of healthcare organizations reported having experienced a ransomware attack.