SANS Healthcare Cybersecurity News & Resources

Check out the latest healthcare cybersecurity news, webcasts, whitepapers, and other resources for cybersecurity professionals working in the healthcare sector.

The targeting and theft of sensitive health information continues to be a challenge. Increased regulation combined with a dynamic threat landscape requires today's healthcare leader to have a clear understanding of relevant legislation and how to measurably defend patient data and related systems. We can support you with practical advice for stopping even the most advanced attacks that may target your healthcare organization.

Featured Webcast

Unbreak my Heart – Lessons learned for building better medical devices while troubleshooting my pacemaker.

SANS NetWars Classroom

NetWars Healthcare

The SANS Institute is excited to offer a cyber range, exclusively focused on securing healthcare environments.

SANS Cyber Ranges focus on the practical application and assessment of hands-on cybersecurity training. The cyber range enables you and your team to apply skills you’ve learned in a curated and isolated environment, that gives you insight into what you are excelling at, and what you need to focus more on. You walk away with real world experiences on how to handle situations, without the real-world risk associated with practicing on live production equipment and systems.

Participants will build critically important cybersecurity skills in each of these areas vital to defending healthcare environments.

Example topics in NetWars Healthcare include:

  • Telemedicine and web app security
  • EMR and incident analysis
  • Medical device IoT security
  • Ransomware analysis and decryption
  • Hospital incident investigation with Windows domain event log analysis

Top SANS Courses for Healthcare Organizations

Course TitleGIAC Certification
FOR528: Ransomware for Incident RespondersNone

SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling

GIAC Certified Incident Handler (GCIH)

SEC401: Security Essentials Bootcamp Style

GIAC Security Essentials (GSEC)

FOR508: Advanced Incident Response, Threat Hunting, & Digital Forensics

GIAC Certified Forensic Analyst (GCFA)

SEC560: Network Penetration Testing and Ethical Hacking

GIAC Penetration Tester (GPEN)

MGT514: Security Strategic Planning, Policy, and Leadership

GIAC Strategic Planning, Policy, and Leadership (GSTRT)

MGT414: SANS Training Program for CISSP® Certification

GIAC Information Security Professional (GISP)

MGT512: Security Leadership Essentials for Managers

GIAC Security Leadership (GSLC)

FOR500: Windows Forensic Analysis

GIAC Certified Forensic Examiner (GCFE)

SEC542: Web App Penetration Testing and Ethical Hacking

GIAC Web Application Penetration Tester (GWAPT)

This has been my first SANS course and it's been phenomenal. I now understand why my coworkers spoke so highly of all the trainings and the events. Thank you all.
Andrew Walker
- Novant Health
I would recommend SANS training because of the expertise and knowledge of the instructors.
Brandon McInnis
- Blue Cross Blue Shield of Mississippi
The content from the first day alone has quite a bit I can take back to work. There’s so much information as far as tools and techniques; if I hadn't taken this course (FOR508), I wouldn't have come across them.
Prathaben Kanagasingham
- Medtronic
I would unequivocally recommend this course (FOR585). I feel more confident in my ability to work outside commercially available forensic tools and complete more difficult mobile forensic examinations.
David Gonzalez
- RWJ Barnabas Health
(SEC504) is providing information that will help expand my security toolset and understand ways we can defend against the attacks we cover. This is very valuable experience to help me better perform my responsibilities.
Derek Dorman
- Dayton Children's Hospital
The class, instructor, and organizers were amazing throughout this SEC401 bootcamp! I learned a lot of useful information and look forward to reviewing the recordings soon.
Tamie Wade-Britton
- Sutter Health
There is no substitute for SEC504! This is a great course that will be extremely valuable for my role.
Robert Hooley
- eHealth NSW