Full Report
The Health Information Sharing and Analysis Center (Health-ISAC) released its ‘2025 After-Action Report,’ drawing on a series of...

Source: "Health-ISAC flags gaps in cyber resilience and incident response, calls for incident coordination and information sharing," first published by Industrial Cyber.
Analysis Summary
# Best Practices: Health-ISAC 2025 Healthcare Cyber Resilience
## Overview
These practices address the critical gaps in incident response (IR), operational resilience, and cross-functional coordination within the healthcare sector. They focus on minimizing the impact of cyber incidents on patient care through improved detection, rapid containment, and structured communication.
## Key Recommendations
### Immediate Actions
1. **Establish Out-of-Band (OOB) Communication:** Set up secure, non-corporate communication channels (e.g., Signal, separate encrypted Slack instances, or satellite phones) for use when primary networks are compromised.
2. **Define Incident Escalation Criteria:** Create a simple "If-Then" checklist for help desks and frontline IT staff to identify when routine tickets should be escalated to the SOC or leadership.
3. **Formalize Containment Authority:** Pre-authorize security teams to isolate infected devices or segments without waiting for executive approval if specific "high-risk" criteria are met (e.g., active ransomware encryption).
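
An added example (not from the Health-ISAC report) showing items 2 and 3 as a small rule table run over constructed help desk tickets: single-ticket "if-then" rules plus a check for one symptom spreading across hosts. The tags, thresholds and action names are assumptions; only active ransomware encryption as an isolation trigger comes from the text above.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed help desk tickets: (id, opened, host, symptom tags from intake form).
TICKETS = [
    ("T1", "2025-03-04T08:02", "ws-101", {"password_reset"}),
    ("T2", "2025-03-04T08:10", "ws-114", {"files_wont_open"}),
    ("T3", "2025-03-04T08:19", "ws-131", {"files_wont_open"}),
    ("T4", "2025-03-04T08:27", "fs-02", {"files_wont_open", "av_disabled"}),
    ("T5", "2025-03-04T08:31", "ws-140", {"active_encryption"}),
    ("T6", "2025-03-04T13:45", "ws-150", {"files_wont_open"}),
]

# "If <tag> then <action>". Active ransomware encryption is the page's own
# high-risk criterion; every other tag and threshold here is an assumption.
SINGLE = {"active_encryption": "ISOLATE", "av_disabled": "ESCALATE"}
CLUSTER_HOSTS, CLUSTER_WINDOW = 3, timedelta(minutes=30)
RANK = {"ROUTINE": 0, "ESCALATE": 1, "ISOLATE": 2}

def triage(tickets):
    """Return {ticket_id: (action, reasons)}; the most severe matching rule wins."""
    out = {t[0]: ["ROUTINE", []] for t in tickets}

    def mark(tid, action, reason):
        if RANK[action] > RANK[out[tid][0]]:
            out[tid][0] = action
        if reason not in out[tid][1]:
            out[tid][1].append(reason)

    by_tag = defaultdict(list)
    for tid, opened, host, tags in tickets:
        for tag in sorted(tags):
            if tag in SINGLE:
                mark(tid, SINGLE[tag], f"{tag} reported")
            by_tag[tag].append((datetime.fromisoformat(opened), host, tid))
    # Individually routine tickets escalate together when one symptom reaches
    # CLUSTER_HOSTS distinct hosts inside CLUSTER_WINDOW.
    for tag, rows in by_tag.items():
        rows.sort()
        for i, (start, _, _) in enumerate(rows):
            win = [r for r in rows[i:] if r[0] - start <= CLUSTER_WINDOW]
            if len({host for _, host, _ in win}) >= CLUSTER_HOSTS:
                for _, _, tid in win:
                    mark(tid, "ESCALATE", f"{tag} on {CLUSTER_HOSTS}+ hosts")
    return {tid: (action, reasons) for tid, (action, reasons) in out.items()}

if __name__ == "__main__":
    for tid, (action, reasons) in triage(TICKETS).items():
        print(tid, action, "; ".join(reasons) or "no rule matched")
```

Keeping the rules as data lets the same table be printed as the frontline checklist and reviewed alongside the containment pre-authorization.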
### Short-term Improvements (1-3 months)
1. **Implement Layered Monitoring Correlation:** Configure SIEM/SOAR platforms to correlate alerts across disparate