national-cancer-institute-NFvdKIhxYlU-unsplash

The Cybersecurity and Infrastructure Security Agency (CISA) has recently released a healthcare-specific cybersecurity vulnerability mitigation guide. The guide focuses on addressing critical vulnerabilities and provides a proactive approach to combatting cyber threats.

I thought it would be useful to examine the three mitigation strategies in this report as they related to BackBox in healthcare and public health.

Mitigation Strategy #1 Asset Management and Security

you can’t secure, what you can’t see.

There are two focus areas in this section, the first of which, “asset inventory” is right in BackBox’ wheelhouse.

CISA recommends implementing and maintaining an inventory of assets for your environment. This is useful in its own right, as you can’t secure what you don’t know about. But also it’s important to understand the makeup of your network, the versions of software they’re running, and whether or not your inventory is past it’s end-of-life.

BackBox can collect this information (and more) and share it with whatever CMDB is being used. We collect this data automatically when doing a nightly backup, but can also run a separate job to collect and share inventory data.

This inventory data collection is a fundamental part of our Network Vulnerability Management solution, but more on that in a bit.

In part two of this section, there are some network port configuration recommendations that BackBox can help enforce with our compliance capabilities.

Mitigation Strategy #2 Identity Management and Device Security

Just as personnel may use a name badge to identify themselves in the physical work environment, cybersecurity access management practices are essential for ensuring all users are properly identified and authenticated in the digital space.

Most of this section relates to phishing prevention and sits at higher layers in the stack. However, focus area #2 relates to Access Management, and it’s worth spending a minute on the topic.

BackBox is an automation platform, but we also have a set of capabilities around Privileged Access Management that allows BackBox to serve as a jumpbox for administrators. With these capabilities, administrators connect securely to any device through BackBox. Doing so, each session is recorded and auditable. These audits can be used for both compliance and training purposes.

BackBox ensures only the right people have the right access to network devices, and provides an auditable record of all device access and activity. This is critically important in protecting the network.

Mitigation Strategy #3 Vulnerability, Patch, and Configuration Management

Vulnerability management is the ongoing process of identifying, assessing, reporting on, managing, and remediating cyber vulnerabilities in software and systems.

This section sounds like a page from the BackBox Network Vulnerability Management ‘manual’. Its two sections include both vulnerability and patch management, and configuration and change management.

Using the inventory you have, these recommendations suggest that you map to a vulnerability and threat feed to know where your vulnerabilities lie, and with this knowledge, ensure that vulnerabilities are patched in a timely manner.

With configuration management, it’s important to establish baselines and groom configurations back to the baseline as they drift.

Summary

BackBox is an ideal solution for healthcare and public health organizations looking to increase the security of their network infrastructure.

We map nicely to HIPAA, DISA STIGs, and now this set of recommendations from CISA. With BackBox you get a flexible automation platform that helps administrators simply administer their networks at scale in a way that ensures a deep focus on network security.

See for yourself how consistent and reliable your device backups and upgrades can be