The targeting and theft of sensitive health information continues to be a challenge. Increased regulation combined with a dynamic threat landscape requires today's health care leader to have a clear understanding of relevant legislation and how to measurably defend patient data and related systems. We can support you with practical advice for stopping even the most advanced attacks that may target your health care organization.
Deployment Kit for Securing Your Workforce at Home, Lance Spitzner
Introducing SANs Offensive Operations, Stephen Sims
Building an Enterprise Grade Home Lab, Ismael Valenzuela & Justin Henderson
CISSP Cram Session, Eric Conrad
Download notes from the Ransomware + Healthcare Live Stream here.
Download notes from the Privacy Officer Live Stream here.
Video Series - Doc's Shorts
SANS Top New Attacks and Threat Report, John Pescatore
Cybersecurity in the Age of the Cloud, Frank Kim
Implementer's Guide to Deception Technologies, Kyle Dickinson
Generating Hypotheses for Successful Threat Hunting, Robert M. Lee & David Bianco
2020 SANS Cyber Threat Intelligence (CTI) Survey, Robert M. Lee
Detecting Malicious Activity in Large Enterprises, Matt Bromiley
Spends and Trends: SANS 2020 IT Cybersecurity Spending Survey, Barbara Filkins & John Pescatore
Making and Keeping Work-at-Home Operations Safe and Productive, John Pescatore
Hot Topics and Related SANS Resources
Webcast: Malware & Ransomware Solutions Forum
Livestream: Ransomware and Healthcare: A Deadly Combination
- Download Doc's notes from the Ransomware + Healthcare Live Stream here.
Ransomware + Healthcare in the News:
- Woman Dies During A Ransomware Attack on A German Hospital
- UHS Ransomware Attack Costs 67M in Lost Revenue, Recovery Efforts
- Ransomware Attacks on Healthcare Organizations Cost Nearly $21B Last Year, Study Finds
- Ransomware: In the Healthcare Sector
Ransomware and HIPAA Fact Sheet, pdf download
Ransomware Guidance, US HHS Office for Civil Rights, pdf download
Supply Chain/3rd Party Vendors
Resource: Securing Web Application Technologies [SWAT] Checklist and Poster
The SANS Institute is super excited to announce our newest cyber range, exclusively focused on securing health care environments! In this series of challenges, you’ll help Generic Hospital deal with some major cybersecurity issues facing similar organizations around the world today. Generic Hospital’s cybersecurity staff has identified suspicious events that require an immediate investigation. Also, new medical IoT devices in the hospital need to be analyzed for vulnerabilities. What’s more, the organization has deployed a new telemedicine web application that requires a security test. And, to top it all off, Generic Hospital is being targeted with some nasty ransomware! Participants will build critically important cybersecurity skills in each of these areas vital to defending health care environments. Don’t miss this brand-new Health Care Mini-NetWars experience.
For more information, check out our flyer for our Healthcare NetWars.
But don't just take our word for it. Here's what an attendee of Healthcare NetWars had to say about it:
SEC556: IoT Penetration Testing
SEC556 facilitates examining the entire IoT ecosystem, helping you build the vital skills needed to identify, assess, and exploit basic and complex security mechanisms in IoT devices. This course gives you tools and hands-on techniques necessary to evaluate the ever-expanding IoT attack surface.
Learn more about the course here.
Top Courses for Healthcare Organizations
|Course Title||GIAC Certification|
GIAC Certified Incident Handler (GCIH)
GIAC Security Essentials (GSEC)
GIAC Certified Forensic Analyst (GCFA)
GIAC Penetration Tester (GPEN)
GIAC Strategic Planning, Policy, and Leadership (GSTRT)
GIAC Information Security Professional (GISP)
GIAC Security Leadership (GSLC)
GIAC Certified Forensic Examiner (GCFE)
GIAC Web Application Penetration Tester (GWAPT)