If you need a little intellectual stimulation after hours of Thanksgiving turkey and football, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just the thing — the new CISA Mitigation Guide for the Healthcare and Public Health Sectors.  This somewhat technical guide is a little dry, but it offers solid recommendations and sugested best practices to combat the pervasive cyber threats affecting the Healthcare and Public Health (HPH) Sectors.

CISA identified and its guide addresses common vulnerabilities and insecure configurations across the HPH Sector, such as:

• Web application vulnerabilities
• Encryption weaknesses
• Unsupported software
• Unsupported Windows operating systems (OS)
• Known exploited vulnerabilities (KEVs)
• Vulnerable services

Exposure of these and other vulnerabilities can result in ransomware, data breaches, or denial-of-service, and can compromise the availability, confidentiality, and integrity of criticial HPH systems, functions, and data.  So skip the holiday shopping crowds and spend a little time with CISA’s Mitigation Guide this weekend.