Feds hike support for cyber threat collection, distribution

New funds totaling $350,000 from the Department of Health and Human Services will help the National Health Information Sharing and Analysis Center (NH-ISAC) in Ormond Beach, Fla., to expand dissemination of cyber threat information and support educational programs.

The center is one of several information sharing and analysis centers (ISACs) serving various industries. To date, there are very few ISACS serving the healthcare sector and HHS was looking to aid an established ISAC to reach more stakeholders, says Denise Anderson, president of NH-ISAC.

“Through a streamlined cyber threat information sharing process, HHS will be able to send cyber threat information to a single entity, which then will share that information widely to support the full range of stakeholders,” HHS said in a statement. “This approach helps ensure that smaller healthcare providers have the information they need to take appropriate action.”

NH-ISAC already has partnered with the FBI and Secret Service for a series of roadshows in 14 cities, with other shows done in concert with such organizations as the American Hospital Association, American Medical Association and the College of Healthcare Information Management Executives.

It also has coordinated with financial services ISACS and 21 state ISACs to educate various industries, including local airports, along with doing shows with major security vendors such as Palo Alto Networks and Symantec.

Also See: HITRUST begins sharing cyber threats with Homeland Security

Various ISACs across the nation regardless of the industries they serve are almost on a daily basis communicating with each other, says Anderson. NH-ISAC has been operating since 2010 and provides its services primarily to stakeholders that have paid a fee to be a member and receive reports of new threats, called “indicators of compromise.” These members include hospitals, pharmacies, pharmaceutical companies, insurers, laboratories and radiological firms, among others. However, when a major attack event occurs, such as the ransomware attack on Hollywood Presbyterian Medical Center, NH-ISAC releases a broad alert throughout the industry.

Larger organizations that are members of NH-ISAC work to mentor smaller healthcare organizations, but Anderson acknowledges that such efforts continue to be challenging, yet mentors continue to alert others to educate them on cybersecurity and share threat data.

“It’s not just data; it could also be lives as devices and hospitals become more connected to the Internet,” Anderson asserts. More information on NH-ISAC is available here.

For reprint and licensing requests for this article, click here.