Connect with us

Hi, what are you looking for?



Healthcare Group Launches Cyber Threat Service for Intelligence Sharing, Collaboration

HITRUST Launches Cyber Threat Analysis Service for the Healthcare Industry

An industry association of healthcare providers, technology companies and government agencies launched a cybersecurity service intended to facilitate information sharing within the health care sector.

HITRUST Launches Cyber Threat Analysis Service for the Healthcare Industry

An industry association of healthcare providers, technology companies and government agencies launched a cybersecurity service intended to facilitate information sharing within the health care sector.

The Cyber Threat Analysis Service (C-TAS) will provide up-to-date threat intelligence and vulnerability research affecting the health care industry, the Health Information Trust Alliance (HITRUST) said. HITRUST is a group of healthcare business technology and information security experts focused on fostering collaboration within the industry.

HITRUSTHealthcare organizations need a high level of protection because their systems contain personal health information and financial data for patients as well as sensitive intellectual property, HITRUST said. With C-TAS, organizations can get information on verified threats against real-world targets, sector-specific technical analysis, and detailed risks assessments on technology and business practices.

“The HITRUST C-TAS is a major step forward in the availability of tools and knowledge for organizations to prepare and respond to cyber incidents, and to better protect this critical industry,” said Daniel Nutkis, HITRUST’s CEO.

Attacks against healthcare information systems are increasing exponentially and becoming more sophisticated and targeted, HITRUST said. Data breaches in healthcare jumped more than 30 percent from 2010 to 2011 and the average economic impact of a data breach was $2.2 million, according to a report by the Ponemon Institute.

“Cyber-threats targeting the health care sector are very unique, and it’s important to craft sector-specific threat intelligence capabilities and products,” John Watters, CEO of iSight Partners, said in a statement.

As part of the HITRUST’s Cybersecurity Incident Response and Coordination Center, established back in April, C-TAS will encourage industry collaboration and advanced data analysis techniques through a community-based platform that supports vulnerability reporting, intelligence sharing and collaboration on cybersecurity threat data. The platform will also offer research and briefings on cyberdefense best practices, HITRUST said.

Advertisement. Scroll to continue reading.

C-TAS will offer five types of reports, including healthcare incident and malware reports, vulnerability research, industry threat reports, malware research and a “threat briefing.” The reports target different types of security professionals within the healthcare organization.

Incident and malware reports will be based on real-world attacks against healthcare entities and contain technical analysis useful for security operations teams and technical investigators. The malware research report contains technical information on unidentified or suspected malicious software.

The vulnerability research reports will include analysis of vulnerabilities in technologies commonly used in the healthcare sector, such as medical device technologies, electronic health record or electronic medical record systems, and supporting technologies. These reports will target the security professional managing IT vulnerabilities.

The industry threat reports offer contextual analysis regarding emerging threats to the healthcare industry. These reports give information security professionals and chief information security officers information they need to prioritize information security spending and initiatives. CISOs can also receive updates from intelligence analysts regarding emerging threats through the threat briefings.

C-TAS will be available with an annual subscription fee. Pricing varies with the company’s total revenue and the actual set of deliverables being subscribed, a HITRUST spokesperson told SecurityWeek. The five deliverables are packaged in four distinct tiers. The fee for a company interested in all deliverables and having more than $50 billion in annual revenue, would be $60,000, HITRUST said. The lowest tier, which includes just the incident and malware reports, vulnerability research, and the threat report, will cost organizations with less than $5 billion annual revenue about $15,000 under this model.

HITUST is partnering with iSight Partners for the new platform. The Department of Veterans Affairs, assorted health insurers, health systems, pharmaceutical companies, pharmacies, and pharmacy benefit managers will be participating in C-TAS.

“By combining world-class intelligence analysis capability with broad industry collaboration, a ‘community defense’ model can be achieved,” HITRUST said.

HITUST’s goals for C-TAS also includes protecting electronic health records and medical devices from suspicious network threats by encouraging government officials and health care providers to share threat intelligence with each other.

The Departments of Health and Human Services, Veteran Affairs and Homeland Security all are part of HITRUST, as well as IT companies such as McKesson and insurance providers such as WellPoint.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...