Cyber Risk Toolkit

Because cyber security risks are constantly evolving, we want the members of our LHA Trust Funds to be as knowledgeable and prepared as possible. This toolkit provides proprietary information as well as public domain information about cyber risks.

Cybersecurity Risk Assessment

Conducting a risk assessment is a proactive way to identify opportunites in your cyber security program. This resource provides a step-by-step guide.

1 of 1

Understanding Cybersecurity Risks

Learning how to protect your organization from cybersecurity attacks starts with understanding the risks within your organization. These resources provide information on risk reduction strategies to identify and address potential risks.

  • Webinar


    Webinar: Cyber Risk and Cyber Liability

    NAS Underwriter and Cyber Liability Specialist Jessica Baraghimian discusses the different types of information and data at risk of being sold on the Black Market. She will also give insight into current data breach trends and the scenarios of real data breaches that have recently occurred in today’s healthcare facilities.

    TAGS: NAS, Black, Market, Breach, Trends

  • National Association of Insurance Commissioners: Cybersecurity

    The NAIC provides resources for the insurance sector in cybersecurity risks and attacks.

    TAGS: NAIC, Insurance, Sector, Cybersecurity, Risk, Attack

  • Institute of Risk Management: Cyber Risk and Risk Management

    IRM provides resources for risk professionals in the area of cyber risk and security.

    TAGS: IRM, Risk, professionals, Security, Cyber

Cybersecurity Best Practices

Implementing best practices in cybersecurity is important for healthcare organizations to have in place to reduce cybersecurity risks and potential attacks.

  • Guidelines/Recommendations


    Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook

    This playbook provides a framework that can serve as a tool in addressing cybersecurity threats impacting medical devices and equipment with the potential to impact safe patient care and clinical operations. This comprehensive guide addresses medical device inventory, hazard vulnerability analysis, emergency operations plan, incident response, training and post-event reporting.

    TAGS: Playbook, Framework, Medical, Hazards, Vulnerability, Training

  • Guidelines/Recommendations


    White Paper: Five Best Practices For Mitigating Medical Device Security Risks

    Medjacking, also known as medical device hijacking, is a security threat to healthcare organizations because connected medical devices can be hacked, exposing confidential patient information. This threat targets devices directly associated with patient care. It is imperative for organizations to review security of medical devices and ensure security strategies are in place to protect against a direct threat to patients. This white paper developed by Great Bay Software, Inc in Bloomington, MN recommends five best practices to mitigate the risks from medjacking.

    TAGS: Medjacking, great, bay, software, bloomington, MN, Mitigate, Risk, device

  • Guidelines/Recommendations


    Department of Health and Human Services: Top 10 Tips for Cybersecurity in Healthcare

    The U. S. Department of Health and Human Services has issued voluntary best practices, including 10 great tips for healthcare organizations for managing cyber threats and protecting patients.

    TAGS: human, Services, 10, Tips, Cyber, threats

Cybersecurity Online Resources

Online Cybersecurity resources are provded for healthcare providers to minimize the risk of a cyber security attack.

  • Tokio Marine CyberNET

    The LHA Trust Funds Tokio Marine CyberNET Support provides continually updated information, on-demand advice and a wide range of cyber risk management resources. This member-only toolkit portal provides access to legal advice, email alerts, webinars and comprehensive online training for risk managers and employees.

    TAGS: LHA, trustfund, Cyber, Risk, email, legal, toolkit, portal

  • The Office of the National Coordinator for Health Information Technology

    The ONC provides resources in Health IT efforts and the promotion of health information exchange networks as a way to improve patient care.

    TAGS: ONC, IT, efforts, network, Patient, Health, Exchange

  • National Cyber Awareness System

    The National Cyber Awareness System provides realtime alerts, analysis reports and current activites in cyber security issues.

    TAGS: awareness, realtime, alerts, Cyber, Security