HITRUST, a healthcare industry stakeholder coalition working to improve cybersecurity, has launched its third major service during 2014.

In March, the organization started offering free monthly healthcare cyber threat briefings in partnership with the Department of Health and Human Services. Last spring, it also pilot tested a cyber attack simulation exercise in which a third party launches real but harmless attacks on participating organizations’ information networks to assess how well they recognize and respond to the attack. That program is accelerating this month as about 750 healthcare organizations are participating and being attacked, with three levels of sophistication depending on each participant’s security readiness.

Now, HITRUST has built and is pilot testing the Cyber Threat XChange (CTX), an automated service to provide early detection and faster analysis of cyber threats that participating organizations collect and submit to CTX.

Initial pilot participants include Express Scripts, Health Care Services Corp., Highmark Health, Humana, Seattle Children’s Medical Center, UnitedHealth Group, University of Rochester Medical Center, WellPoint and secure cloud hosting vendor FireHost. HITRUST expects CTX to go live in January 2015.

CTX also will analyze the threat indicators it collects against other threat sources across multiple industries and against the United States Computer Emergency Readiness Team, called US-CERT and in the Department of Homeland Security. US-CERT coordinates cyber information sharing and managing of risk.

“Although the methods used by threat actors may be similar across industries, understanding the motives and targets affords valuable insights currently not available and critical for early response and alerting specific for the entire healthcare industry,” according to a HITRUST explanation of the need for CTX. Consequently, CTX will enable healthcare organizations “to sift through tens of thousands of cyber threats to identify which threats they should be worried about now.”

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access