CISA Issues Mitigation Guide for Healthcare + Public Health Sector


On November 17, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released a supplemental mitigation guide for the healthcare and public health sector to the Cyber Risk Summary for those sectors published on July 19, 2023.

“This guide provides defensive mitigation strategy recommendations and best practices to combat pervasive cyber threats affecting this critical infrastructure sector. It also identifies known vulnerabilities for organizations to assess their networks and minimize risks before intrusions occur.”

The Guide lists the top vulnerabilities to the health care and public health sectors from highest to lowest as:

The Guide provides three mitigation strategies to employ to address the vulnerabilities and threats posed and the associated MITRE ATT&CK techniques used, including areas of focus for organizations to prioritize. This is a must-read for organizations in the healthcare and public health sector.


Copyright © 2024 Robinson & Cole LLP. All rights reserved.
National Law Review, Volumess XIII, Number 334