Share this article on:
The Health Information Trust Alliance (HITRUST) has announced a new partnership with Trend Micro. The aim of the partnership is to speed the delivery of cyber threat research and education and improve organizational threat management.
The partnership has seen the creation of the Cyber Threat Management and Response Center which will help to expand cyber threat information sharing and improve the service to healthcare organizations at all levels of cybersecurity maturity, helping them to deal with the increasing range of cyber threats and frequency of attacks.
HITRUST already shares cyber threat intelligence with organizations that have signed up with its Cyber Threat Xchange (CTX) – the most widely adopted threat information sharing organization for the healthcare industry.
HITRUST collects, analyses and distributes cyber threat information through CTX, including indicators of threats and compromise and has been working hard over the past 18 months to expand the collection of cyber threat information through its Enhanced IOC Collection Program. HITRUST now leads the industry in the identification of unique IOCs.
HITRUST has been trying to improve its threat information sharing program to better serve the healthcare industry. HITRUST has identified a number of key areas where improvements can be made, including speeding up the collection, analysis and delivery of threat information, advancing its threat hunting capabilities and improving reporting, integration, education and collaboration.
After assessing costs, skill sets, available resources and current capabilities, HITRUST determined the best way to improve its service was through a partnership with an established and well-qualified cyber research lab. Trend Micro was the natural choice.
One of the key areas where the Cyber Threat Management and Response Center will be able to help is ensuring threat information is shared in a format that can be easily consumed and leveraged by all healthcare organizations to mitigate risk.
HITRUST points out that through the HITRUST CTX, threat information was shared with healthcare organizations about both the WannaCry and NotPetya attacks. The outreach to organizations occurred soon after the threat was detected, with threat indicators shared 14 days before the first organization reported it had experienced an attack. The information allowed many healthcare organizations to take proactive steps to mitigate risk. However, HITRUST found that some healthcare organizations were unable to consume the information it shared.
Through the Cyber Threat Management and Response Center HITRUST “will deliver capabilities to address cyber threat management, defense, and response based on an organization’s cyber maturity level.”
“The HITRUST CTX has established itself as a leader in the collection of threat indicators. Now the focus needs to be ensuring organizations of any cyber maturity can leverage this information in a timely manner,” said Kevin Charest, DSVP and CISO, Health Care Service Corp. He explained that “Information sharing has no value if people can’t quickly act upon it, making the HITRUST CTX transition to cyber threat management a crucial step for industry.”
HITRUST has outlined the first phase of expanding its resources through the Cyber Threat Management and Response Center and says the new partnership with Trend Micro will allow it to offer:
- Access to the world’s best threat research lab will enable HITRUST to collect and distribute a much broader range of IOCs
- Analyses and research will be disseminated much more rapidly and geared to organizations at all levels of maturity
- The center will have access to more healthcare industry specific vulnerabilities and threat information
- Vulnerability information and IOC and TTP linkage with the HITRUST Threat Catalogue will be expanded
- The center will have the resources to enable more responsive community engagement and assistance, including inquiry response and IOC submission analysis
- HITRUST will improve tracking and monthly reporting of cyber threats targeting healthcare data and healthcare organizations
HITRUST has confirmed that it will continue to provide basic access to the HITRUST CTX and the new HITRUST Cyber Threat Management and Response Center at no cost, with the new center to be made available from October 1, 2017.