CISA reports on healthcare risk and vulnerability assessment, offers cybersecurity recommendations

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a cybersecurity advisory following an assessment of risk and vulnerability in the healthcare and public health sector. The report provides recommendations on how organisations can enhance cybersecurity. The assessment didn’t find any significant vulnerabilities externally that could be exploited, but did identify several weaknesses internally, including misconfigurations and weak passwords. The paper provides a range of recommendation including implementing mitigations, managing assets, online access and hardening software.