Skip to content Skip to navigation

HITRUST Connects With DHS's Cyber Threat Sharing Program

October 3, 2016
by Heather Landi
| Reprints

The Health Information Trust Alliance (HITRUST), a healthcare information sharing organization based in Frisco, Texas, announced last week that it is now connected and sharing cyber threat indicators with the Department of Homeland Security’s Automated Indicator Sharing (AIS) program.

The HITRUST Cyber Threat XChange (CTX), the health industry’s Information Sharing and Analysis Organization (ISAO), is now fully integrated with AIS and supports bi-directional cyber threat indicator exchange with AIS to aid organizations in reducing their cyber risk, HITRUST said in a press release.

“Given the recent rise in cyber threats targeting the healthcare industry, HITRUST believes bi-directional integration into the AIS program will ensure that relevant and timely cyber threat information from HITRUST and government are available – ultimately bolstering the overall cyber posture of all of the nation’s critical infrastructure,” the organization stated.

The Department of Homeland Security’s AIS capability enables the exchange of cyber threat indicators between the federal government and the private sector at machine speed. AIS is a part of Homeland Security’s effort to create an ecosystem where, as soon as an organization or federal agency observes an attempted compromise, the cyber threat information will be shared in real time through AIS to more effectively protect organizations from that particular threat.

HITRUST has already been sharing cyber threat information in near real-time through the HITRUST CTX with organizations in the healthcare sector as well as other industries.

HITRUST CTX continues to improve in the number of unique indicators of compromise (IOCs) it shared across healthcare organizations each month – going from 186 unique IOCs during September 2015 to 5,158 during September 2016, according to HITRUST. Additionally, a recent review found HITRUST’s Enhanced IOC Collection Program is capturing many IOCs before any other public or commercial source, with more than 50 percent of the overlapping IOCs seen by HITRUST first, and many more being seen solely by HITRUST.

HITRUST also recently announced the CyberAid program, which identifies effective security solutions for smaller healthcare organizations, making it possible for them to contribute cyber threat indicators to the HITRUST CTX in near real-time. This development expands HITRUST’s cyber threat information collection network and the effectiveness of that sharing to support healthcare in cyber risk mitigation.

“The AIS integration shows that HITRUST continues to evolve, improve, and lead by example by innovating and ensuring cyber threat information sharing is providing the most value to the broadest group of constituents while reducing overall cyber risk,” Daniel Nutkis, CEO of HITRUST, said in a prepared statement. “In addition to helping CTX participants overcome technical challenges, we wanted to educate them on the value of AIS and assure them that any information shared is anonymized in order to reduce liability concerns, while affording them the liability protection provided under the Cybersecurity Information Sharing Act.”

 

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

ECRI Institute Publishes Guidance for Protecting Medical Devices from Ransomware Attacks

The ECRI Institute has released a new guidance article, "Ransomware Attacks: How to Protect Your Medical Device Systems, with recommendations to help hospitals identify and protect against ransomware attacks.

Survey: Stakeholders Predict More Medical Device Attacks as Security Lags

Some 67 percent of medical device manufacturers and 56 percent of healthcare delivery organizations (HDOs) believe an attack on a medical device built or in use by their organizations is likely to occur over the next 12 months.

AMIA Urges FCC to Consider Access to Broadband a Social Determinant of Health

The American Medical Informatics Association (AMIA) is calling on the Federal Communication Commission’s (FCC) to b support broadband-enabled health care delivery by bolstering its efforts to better target those with chronic conditions, and ensure that those populations have access to affordable broadband and broadband-enabled health technologies.

Reports: VA Secretary Won’t Ask for IT Funding with Uncertainty Surrounding VistA

While many federal agencies saw cuts across the board in President Trump’s 2018 budget request this week, the Department of Veterans Affairs (VA) got a spending boost, albeit not related to information technology.

Mount Sinai Creates Imaging Research Warehouse

The Mount Sinai Health System in New York has created a database that integrates clinical imaging with electronic health records to allow researchers to identify new patterns in the data.

CBO Analysis Estimates House-Passed AHCA Would Leave 23 Million More Uninsured by 2026

If enacted, the American Health Care Act (AHCA) would reduce the federal deficit over the 2017-2026 period by $119 billion and increase the number of people who are uninsured by 23 million in 2026, relative to current law, according to a cost estimate by the Congressional Budget Office (CBO) and the Joint Committee on Taxation (JCT).