The Critical Connection: Public Health Infrastructure and Cybersecurity January 10, 2024 On Wednesday, January 10, 2024 from 1:00-2:00 p.m. a webinar will be held with speakers highlighting forward-thinking strategies designed to empower participants to prepare for and navigate future cybersecurity challenges. Please share this opportunity with your HCCs. Connection Information INSPIRE Readiness Website Launch: Strengthening Public Health Preparedness January 16, 2024 Join the Association of State and Territorial Health Officials (ASTHO) for the launch of the INSPIRE: Readiness website and explore how it can help meet today's public health challenges. This webinar is scheduled for January 16, 2024 from 2:00 – 3:00 p.m. EST. This innovative new platform features inspiring stories, practical resources, and proven strategies for addressing persistent issues across four key areas: workforce, training and resources, equity, and data systems and management. For more information, including connection information 2024 Hometown Health Hero Awards – Nominations Open January 31, 2024 The Michigan Public Health Week Partnership invites you to nominate someone for the Hometown Health Hero award. The award is presented every year to individuals and/or organizations that have made significant and measurable contributions to preserve and/or improve the health of their community. The 2024 award event marks the 20th anniversary of these awards and the Partnership that sponsors them. Over the last twenty years, community leaders, organizations, and individuals have been doing great things to improve the health of their communities and to increase equity in health. The Partnership wants to continue to recognize those accomplishments, but we need your help. Awardees are selected solely from nominations received. The only way for someone to receive this award is to be nominated. Submit a completed nomination form to the Partnership by email (or fax to 517-335-8392) no later than 5:00 pm, January 31. Awardees are selected solely from nominations received by the deadline. Awards will be presented on Wednesday, April 10 at 11:30 a.m. in the Atrium of Heritage Hall in the State Capitol Building. The event is open to the public. For more information & nomination form CISA Releases Key Risk and Vulnerability Findings for Healthcare and Public Health Sector In January 2023, CISA conducted a Risk and Vulnerability Assessment (RVA) at the request of a Healthcare and Public Health (HPH) sector organization to identify vulnerabilities and areas for improvement. An RVA is a two-week penetration test of an entire organization, with one week spent on external testing and one week spent assessing the internal network. As part of the RVA, the CISA assessment team conducted web application, phishing, penetration, database, and wireless assessments. The assessed organization was a large organization deploying on-premises software. During the one-week external assessment, the assessment team did not identify any significant or exploitable conditions in externally available systems that may allow a malicious actor to easily obtain initial access to the organization’s network. Furthermore, the assessment team was unable to gain initial access to the assessed organization through phishing. However, during internal penetration testing, the team exploited misconfigurations, weak passwords, and other issues through multiple attack paths to compromise the organization’s domain. In coordination with the assessed organization, CISA is releasing this Cybersecurity Advisory (CSA) detailing the RVA team’s activities and key findings to provide network defenders and software manufacturers recommendations for improving their organizations’ and customers’ cyber posture, which reduces the impact of follow-on activity after initial access. CISA encourages the HPH sector and other critical infrastructure organizations deploying on-premises software, as well as software manufacturers, to apply the recommendations in the Mitigations section of this CSA to harden networks against malicious activity and to reduce the likelihood of domain compromise. Learn more on cisa.gov.
0 Comments
Leave a Reply. |
Archives
July 2024
Categories |