The HITRUST Alliance and cybersecurity solutions company Trend Micro have partnered to create the HITRUST Cyber Threat Management and Response Center, with the aim to enhance the capabilities of HITRUST’s cyber threat information sharing program for healthcare.
The program, the HITRUST Cyber Threat XChange (CTX), is an active cyber threat sharing platform that automates the process of collecting and analyzing cyber threats and distributing actionable indicators (IOCs) that organizations of varying sizes and cyber security maturity can utilize to improve their cyber defense. It supports more than 1,600 organizations in cyber information sharing, according to officials.
Now, this new center plans to offer capabilities that are a “significant advancement in aiding organizations across varying cybersecurity maturity levels to defend against the increasing volume and sophistication of cyber threats. It will also speed delivery of cyber threat research and education to improve organizational cyber threat management,” according to HITRUST officials.
Although cyber threat information sharing is generally defined in terms of a broad set of activities, ranging from collecting, analyzing and distributing indicators of threats and compromise to education and awareness around cyber hygiene and response, not much consideration is given to the ability of the recipient to consume the information and react, commensurate with the maturity of its information security resources, security technologies and processes, more specifically, how the information impacts their ability to mitigate a cyber threat.
HITRUST officials offer the example of recent global ransomware events such as WannaCry and Petya, which left many organizations scrambling to determine their risk and to sort fact from fiction from multiple sources. Through the CTX, though, HITRUST tracked both outbreaks closely and initiated outreach early after detection to the industry – providing thousands of participants with timely information updated frequently as the threats emerged. In fact, the HITRUST CTX reported on WannaCry and distributed the threat indicators almost 14 days prior to the first reported organization impacted, the alliance’s officials attest.
But still, despite these early efforts, many organizations were not able to effectively consume and leverage the information and mitigate risk from this cyber threat. As such, the new HITRUST Cyber Threat Management and Response Center represents a unique opportunity for the industry and delivers on the information sharing key imperatives outlined in the recent HHS Cybersecurity Task Force report, its officials say. Specifically, the HITRUST Cyber Threat Management and Response Center “will deliver capabilities to address cyber threat management, defense, and response based on an organization’s cyber maturity level.”
The HITRUST Cyber Threat Management and Response Center will be available beginning October 1, 2017. HITRUST will continue to offer basic access to the HITRUST CTX and the new HITRUST Cyber Threat Management and Response Center at no cost.