Given the increase in cyber security threats and attacks impacting the healthcare industry, healthcare leaders have collaborated with the Health Information Trust Alliance (HITRUST) to develop Cyber Threat XChange (CTX). HITRUST CTX is designed to serve as an early warning system, enabling healthcare IT security teams to detect and respond to cyber threats earlier.
Preparation against cyber security threats
HITRUST CTX is based on an automatic process for analyzing and gathering threats, as well as electronically distributing information in a timely manner so healthcare organizations can use to improve their defenses against attacks. It will also allow for the exchange of cyber threat indicators contributed by organizations throughout industry. Additionally, HITRUST CTX will take threat indicators contributed by organizations and analyze them against other threat sources outside of the healthcare industry.
According to an announcement issued by HITRUST, “Cyber criminals are coordinated in their shared threats, practices and procedures and synchronize assaults across multiple companies. Organizations need a mechanism to identify these patterns and need to move quickly to address these cyber security threats before they are targeted and long before any of their internal systems pick up signs of an attack.”
Many healthcare organizations lack the resources or expertise to fully protect and prepare themselves against cyberattacks. As a result they are challenged to anticipate, prioritize and act upon the growing list of cyber security threats. At the same time, cyber criminals have discovered the ease in which they can obtain personally identifiable information such as names, birthdates and social security numbers from healthcare organizations. In the case of the Premera data breach, hackers also accessed medical claims information which offers them the opportunity to blackmail individuals who may not want that sensitive information to be made public.
The HITRUST CTX project leverages the knowledge and experience of leading healthcare providers from across the country. Initial participating organizations include: Health Care Services Corp.; Highmark Health; Humana; Seattle Children’s Medical Center; UnitedHealth Group; University of Rochester Medical Center; and WellPoint.
Cyber security briefings conducted by HITRUST and HHS
In addition to the new CTX system, HITRUST has also combined forces with the U.S. Department of Health & Human Services (HHS) to conduct monthly threat briefings. Held online, these briefings are designed to serve as a forum for healthcare organizations, providing them with updates on current and ongoing cyber threats as well as support.
“Collaboration is crucial to reducing cyber threats for the entire healthcare industry, including the government,” Kevin Charest, chief information security officer for HHS, said, according to the announcement. “These briefings and alerts allow us to better disseminate valuable and critical information to healthcare organizations more effectively so they can better prepare and respond to cyber threats and events.”
Need help understanding how your organization’s security posture stands up to the latest cyber threats? The HOSTING Security Assessment Service™ offers complete and verified analysis of an organization’s entire IT environment to prepare for unforeseen threats – and provide peace of mind. Contact HOSTING anytime to learn more.