Cybersecurity Awareness Key Behavior - Software Updates
2023 Cybersecurity Awareness Month, Week 3 Key Behavior - Software updates provide security protection
Resource Library
Our cybersecurity resources are free and can be used by organizations sized small to large. Search below to find the latest best practices, cyber hygiene resources, and more! Search and use the bank of resources HHS has to offer to find information and materials in one place!
85 resources
405(d) Program receives the Information Security Leadership (ISC)2 - Community Awareness Award
Check out this article on the 405(d) Program's award at the Information Security Leadership Awards!
Healthcare Threat Identification
This cyber hygiene poster highlights that threats exist at every level of your organization. Be aware of the threats that face your organization in order to protect PHI.
March Sporlight Webinar - CISA Priority Telecommunications Services
Bruce Belt & Larry Clutts from the Cybersecurity Infrastructure and Security Agency discuss why priority communications is crucial to continuity of operations during adverse conditions such as weather events, cyber-attacks, or human error.
How to Implement Cyber Insurance (for Medium-Large Healthcare Organizations)
This “how to” gives your organization information and background on cyber insurance as well as implementation tips for your medium and large organization to start working on now!
HICP 2023, Hospital Cyber Resiliency Landscape Analysis, and Knowledge on Demand
Discussion on the three new 405(d) Resources - HICP 2023, Cyber Resiliency Landscape Analysis, and Knowledge on Demand
405(d) SBAR - Log4j
Learn more about the Log4j SBAR of 2021 to provide situational background and recommendation on the threat.
HICP Executive Summary of Technical Updates
This is a working document of all the HICP updates that have been implemented in the 2023 Edition. Feel free to review for all of our new content and cybersecurity topics.
Medical Practitioners Cyber Hygiene Poster
This Healthy Cyber Habits Poster is a helpful reminder of best practices your Medical Practitioner can use in your organization!
Practice Adminstrator & IT Professionals Cyber Hygiene Poster
This Healthy Cyber Habits poster is a helpful reminder of best practices your Practice Administrator and IT Professional can use in your organization.
Have You Heard - MFA
Check out this infographic to learn more about Multi-factor authentication (MFA), or two-factor authentication (2FA).
Cybersecurity Awareness Key Behavior - Multifactor Authentication (MFA)
2023 Cybersecurity Awareness Month, Week 3 Key Behavior - Enable MFA on all appropriate accounts
How to Implement Patching (Small organizations)
This “how to” gives your organization information and background on patching as well as implementation tips for your small organization to start working on now!
Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP 2023 Edition)
The HICP 2023 edition outlines the top threats facing the HPH Sector. Developed with every stakeholder in mind, organizations from small to large can benefit from the resources and best practices provided in the main document and additional two technical volumes.
How to Implement Data Security (Large organizations)
This resource provides organizations with the know how for implementing data security in a large organization. Your team or organization can use this infographic for new information as well as a refresher of information to keep patients safe.
Knowledge on Demand’s Quick Shots: Botnet
This video helps users identify and be aware of the threat of botnet by understanding what it is and how it works. Use this video in your organization or share with others that may or may not know the term botnet, or the threat that looms.
HHS Cybersecurity Program One Pager
Check out this infographic to learn more on the HHS Cybersecurity Porgram.
2023 Cybersecurity Awareness Month Key Behaviors Posters
Celebrate and download these posters next month in your organization for awareness of key behaviors, including Multi-Factor Authentication (MFA), Software Updates, Phishing, and Strong Passwords!
Operational Continuity-Cyber Incident (OCCI) Checklist
The Operational Continuity-Cyber Incident (OCCI) checklist serves as an action plan designed to assist operational staff and executive management in effectively responding to and recovering from an extended enterprise outage caused by a severe cyber-attack. This checklist, an integral component of your broader Incident Response Plan (IRP), is specifically tailored to address the critical first 12 hours following a cyber event.
HICP Highlights
One page overview of 2023 HICP Publication
Healthy Cyber Habits
This Healthy Cyber Habits poster is a reminder for everyone in an organization that Cybersecurity is a shared responsibility along with actions at every role to keep patients safe.
Cyber Hygiene: Cyber Safety is Everyone's Responsibility
2024 National Cybersecurity Awareness Month: Cyber Safety is Everyone's Responsibility Poster. Download and use this poster in your organization as a reminder that keeping everyone can do something to strengthen your organization's cyber posture.
COVID 19 Clinicians and Healthcare Professionals
Check out this infographic to learn more on cyber diligence and health crisis.
Ransomware Infection Poster
Be wary of this type of malware with quick tips and mitigation practices to protect your organization with this poster.
405(d) Program Presents: 2021 Cyber Threat Review (December)
Check out this webinar to catch up on the December 2021 threat review conducted by the 405(d) Program.
405(d) Program Presents: The Internet of Medical Things: Making Them Secure
Check out this webinar to follow along with the 405(d) Program as they discuss The Internet of Medical Things: Making Them Secure.
Have You Heard - Telehealth Security
Check out this Have You Heard on Telehealth Security with great information and statistics on cybersecurity implications.
2022 Patient Safety Awareness Week Toolkit for Small Organizations
Download the 2022 Patient Safety Awareness Week Toolkit for small organizations that you can use!
Teleworking Tips
Check out these 12 tips for safe teleworking recommendations from HICP!
405(d) SBAR - Kaseya VSA Supply Chain Ransomware Attack
Learn more about the Kaseya VSA Supply Chain Ransomware Attack Update SBAR of 2021 to provide situational background and recommendation on the threat.
How to Implement Data Security (Medium organizations)
This resource provides organizations with the know how for implementing data security in a medium organization. Your team or organization can use this infographic for new information as well as a refresher of information to keep patients safe.
How to Implement Patching (Large organizations)
This “how to” gives your organization information and background on patching as well as implementation tips for your large organization to start working on now!
Cyber Hygiene: Security Operations and Incident Response in Healthcare
2024 National Cybersecurity Awareness Month: Security Operations and Incident Response Poster. Download and use this poster in your organization as a helpful reminder of information relating to implementing a Security Operations Center (SOC) and effective Incident Response (IR).
Cyber Hygiene: Secure Your Inbox, Protect Your Patients
2024 National Cybersecurity Awareness Month. Download and use this poster in your organization as a helpful reminder of information relating to email phishing and the importance of securing your inbox.
2022 Patient Safety Awareness Week Toolkit for Medium-Large Organizations
Download the 2022 Patient Safety Awareness Week Toolkit for medium to large sized organizations that you can use!
National Critical Infrastructure Security and Resilience Month Campaign - 2019
Check out the National Critical Infrastructure Security and Resilience Month Campaign of 2019!
Cybersecurity Awareness Key Behavior - Social Engineering/Phishing
2023 Cybersecurity Awareness Month, Week 4 Key Behavior - Be aware of Social Engineering/Phishing attacks
July Spotlight Webinar - Healthcare Benchmarking Study
Ruirui Sun, PhD Insights Manager KLAS Research and Ed Gaudet, CEO of Censinet share the detailed findings of a healthcare benchmarking study and the value of peer benchmarking.
Patient Safety Awareness Week 2020
Download information, helpful tips, and more for Patient Safety Awarenees Week of 2020!
Knowledge on Demand’s Quick Shots: Encryption
This video helps users identify and be aware of the topic of Encryption by understanding what it is and how it works.
Knowledge on Demand’s Quick Shots: Virtual Private Network
This video helps users understand the importance of a VPN and how it works. Use this video in your organization or share with others that may or may not know the term VPN!
How-To: Cyber Workforce Development (for small organizations)
Cyber workforce training is an effort to train your staff on the most common and pertinent cyber threats today. Check out this infographic to learn more for your small sized organization!
HHS CPG Highlights
Check out this one pager highlighting the Health and Human Services Cybersecurity Performance Goals!
How-To: Cyber Workforce Development (for medium organizations)
Cyber workforce training is an effort to train your staff on the most common and pertinent cyber threats today. Check out this infographic to learn more for your medium sized organization!
Knowledge on Demand’s Quick Shots: Access Management
This video helps users identify and be aware of the topic of Access Management by understanding what it is and how it works. Use this video in your organization or share with others that may or may not know the term access management, or the threat that looms.
Cybersecurity Toolkit
Find out what is in (and what needs to be in) your cybersecurity toolkit to protect patients from cybersecurity threats.
Task Group Member List
405(d) Task Group Member list current as of March 25th, 2024
How to Implement Data Classification
Check out this new poster on understanding where data resides, where it is accessed, and how it is shared!
405(d) Task Group receives the 2019 FedHealth IT Innovation Award!
Learn more on 405(d) Task Group's recognition and award at FedHealthIT 2019 Innovation Awards!
Prepare, React, Recover - Ransomware
Learn more about ransomware protection and recovery with this infographic!
Is Your Enterprise Evolving to Protect Patients?
Learn more about your enterprise evolving and how to protect your patients better.
Knowledge on Demand’s Quick Shots: Malware
This video helps users identify and be aware of the threat of malware by understanding what it is and how it works. Use this video in your organization or share with others that may or may not know the term malware, or the threat that looms.
Check your Cyber Pulse - HICP's 10 Mitigating practices
The 405(d) Task Group has produced this series aligning with HICP’s 10 mitigation practices to give healthcare organizations a quick reference for maintaining cybersecurity readiness every day and will allow your organization to self-diagnose their cybersecurity posture from Healthy to Risky to Very Risky behaviors.
National Cybersecurity Awareness Month Campaign (NCSAM)
Learn more about the National Cybersecurity Awareness Month Campaign for helpful information and recommendations.
Knowledge on Demand Highlights
One page overview of the Knowledge on Demand Platform
2022 Patient Safety Awareness Week Poster
Check out the 2022 Patient Safety Awareness Week poster! Patient Safety Awareness Week is an important time of year for healthcare organization members to reflect and learn new ways to protect patients, and this also includes cyber safety.
Cybersecurity Awareness Key Behavior - Importance of Strong Passwords
2023 Cybersecurity Awareness Month, Week 4 Key Behavior - Strong Password provide strong protection
Healthcare Cybersecurity infographic
Check out this infographic to learn more on staying safe in cyber safe in healthcare.
Have You Heard - Ransomware
Check out this Have You Heard on Ransomware with great information and statistics on ransomware threats.
Medium/Large Organizations Executive Card
This resource allows medium and large sized organizations to understand the benefits of HICP and how to use the guide to fit their organization!
405(d) SBAR - Vmware Critical Patch Update
Learn more about the Vmware Critical Patch Update SBAR of 2021 to provide situational background and recommendation on the threat.
Legal Implications of a Cyber Attack
Under the auspices of the Cybersecurity Act of 2015 (CSA), Section 405(d), the U.S. Department of Health and Human Services ( HHS ) convened the CSA 405(d) public/private task group to enhance cybersecurity and align industry security practices.
Cyber Hygiene: Protect Your Endpoints: A Safeguard for Healthcare
2024 National Cybersecurity Awareness Month: Protect Your Endpoints Poster. Download and use this poster in your organization as a reminder that keeping everyone can do something to strengthen your organization's cyber posture.
Cybersecurity Awareness Month Toolkit-All Size Organizations!
This toolkit is designed to help you promote cyber safety as patient safety during the month of October to your organization. With this toolkit you will have the ability to highlight important cyber tips and information that can help your employees grow their cyber awareness and increase their ability to keep patients safe from cyber threats.
405(d) Program Presents: A Case Study of “Cancer Care in the Wake of a Cyber Attack”
Check out this webinar to follow along with the 405(d) Program as they discuss the case study of “Cancer Care in the Wake of a Cyber Attack.”
CPG_HICP Crosswalk
This is a working document that aligns CISA CPGs to the HICP publication best practices
405(d) Program Presents: Healthcare’s Enterprise Cyber Risk Management
Check out this webinar to follow along with the 405(d) Program as they discuss Healthcare’s Enterprise Cyber Risk Management: How to engage the C-suite and Board in cyber risk management discussions.
Technical Volume 2: Cybersecurity Practices for Medium and Large Healthcare Organizations
The Technical Volume 2 outlines healthcare cybersecurity best practices for medium-sized and large healthcare organizations. This volume is for the technical practitioner and contains technical details for implementing cybersecurity practices.
Cyber Hygiene: Identity and Access Management
2024 National Cybersecurity Awareness Month: Identity and Access Management Poster. Download and use this poster in your organization as a reminder that keeping everyone can do something to strengthen your organization's cyber posture.
Small Practices Executive Card
This resource allows small sized organizations to understand the benefits of HICP and how to use the guide to fit their organization!
Staying Cyber Safe in the HPH Sector
Check out this infographic for cyber hygiene tips for the healthcare and public health sector.
Cyber Safety Zone Poster
This poster is a cyber hygiene poster highlighting the top 5 threats in the healthcare sector and tips anyone can use to mitigate them.
405(d) Program Presents: Monitoring and Responding to Cyber Threats: A Look into FDA’s role in monitoring threats and how one CISO is responding and protecting organizations
Check out this webinar to follow along with the 405(d) Program as they discuss Monitoring and Responding to Cyber Threats: A Look into FDA’s role in monitoring threats and how one CISO is responding and protecting organizations.
Have You Heard - Protecting EHRs
Check out this Have You Heard on Protecting EHRs with statistics and tips to support patients health records.
Rhysida Ransomware Attack
Learn more about the Rhysida Ransomware Attack SBAR of 2023 to provide situational background and recommendation on the threat.
Cybersecurity Diet
Find out how to protect your patients from all cyber-threats with a balanced cybersecurity approach.
How to Implement Cyber Insurance (for Small Healthcare Organizations)
This “how to” gives your organization information and background on cyber insurance as well as implementation tips for your small organization to start working on now!
How-To: Cyber Workforce Development (for large organizations)
Cyber workforce training is an effort to train your staff on the most common and pertinent cyber threats today. Check out this infographic to learn more for your large sized organization!
Technical Volume 1: Cybersecurity Practices for Small Healthcare Organizations
The Technical Volume 1 outlines healthcare cybersecurity best practices for small healthcare organizations. For this volume, small organizations generally do not have dedicated information technology (IT) and security staff dedicated to implementing cybersecurity practices.
Social Engineering Infection Poster
Beware of social engineering infections with quick tips and mitigation practices to protect your organization with this poster.
How to Implement Patching (Medium organizations)
This “how to” gives your organization information and background on patching as well as implementation tips for your medium organization to start working on now!
How to Implement Data Security (Small organizations)
This resource provides organizations with the know how for implementing data security in a small organization. Your team or organization can use this infographic for new information as well as a refresher of information to keep patients safe.
Cybersecurity Check Up
Learn more on how to conduct a cybersecurity checkup on your organization daily!
New Techniques
Check out this infographic to learn more on new techniques criminals are using to threaten patients!
No resources match the current filters.