December 15, 2023

Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment

December 15, 2023

What we know so far

In January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a Risk and Vulnerability Assessment for a Healthcare and Public Health sector organization, testing both external and internal network security. The external assessment revealed no significant vulnerabilities, but internal tests exposed issues like misconfigurations and weak passwords, leading to domain compromise. CISA, in collaboration with the assessed organization, issued a Cybersecurity Advisory to share findings and recommend mitigation strategies for network hardening, particularly for organizations using on-premises software, to enhance cybersecurity and prevent domain compromise.

Arrow Right

Schedule a test

Subscribe to advisory alerts

Be immediately notified of new advisories and associated security tests

More advisories