HITRUST Expands Cyber Threat Intelligence and Incident Coordination Center (C3) For Healthcare Industry

Subscribers to the HITRUST C3 have options for real-time alerting

November 22, 2013

5 Min Read


Frisco, TX – November 19, 2013 – The Health Information Trust Alliance (HITRUST) is announcing today new and enhanced offerings to the HITRUST Cyber Threat Intelligence and Incident Coordination Center (C3) aimed at moving the healthcare industry forward with regards to preparing for and responding to cybersecurity threats and attacks.

Recognizing the growing threats posed by cyber attacks targeted at healthcare organizations, HITRUST almost two years ago established a fully functional cyber threat intelligence and response capability to protect the U.S. healthcare industry from disruption by these attacks. The HITRUST C3 is the single best source of intelligence on threats targeted at healthcare organizations and medical devices, providing actionable information for strategic planning and tactical preparedness, and coordinated response for both large and small organizations. The center facilitates critical intelligence sharing through integration with the Department of Homeland Security and U.S. Department of Health and Human Services.

"As interest in the HITRUST C3 has grown, HITRUST has realized that the center must be able to support the varying levels of maturity and sophistication of the participating organizations in need of threat intelligence and response coordination," said Daniel Nutkis, chief executive officer, HITRUST. "When it comes to cyber awareness and preparedness there is not a one-size-fits-all solution. The significant updates being made to the HITRUST C3 are aimed at the needs of the entire industry."

Supported by a new partnership between HITRUST and Booz Allen Hamilton, the HITRUST C3 will offer expanded and enhanced services in three key areas for improving cyber threat intelligence in the healthcare industry. First, subscribers will now have access to more frequent anticipatory threat intelligence through daily alerts and warnings of future attacks that may threaten a healthcare organization. The probability-based warnings of future cyber attacks make it possible for an organization to anticipate an attack, understand the chances of an attacker's success and take proactive action as needed. Second, community situation awareness is being improved with daily intelligence summary products that highlight key threats, incidents and trends of global threat actors. These daily threat intelligence services will improve an organization's ability to address risks and questions regarding global threats. Finally, an increased level of customization is being offered to subscribers with the alerting and warning service tailored to the specific risks and threats for each subscriber, ensuring that the resulting threat intelligence is actionable and relevant to their organization.

Recent experience shows that cyber attacks are evolving more quickly than organizations can mount effective defenses, leading to increased risk in the healthcare sector. An effective security posture requires anticipatory and predictive intelligence as well as passive listening so that an organization can get ahead of these threats, assess risks and take appropriate defensive actions – before an attack actually occurs or in the event of a breach to expedite analysis. In addition, the information disseminated needs to be consumable based on the level of organizational maturity and information security sophistication and not only size or revenue.

"With other offerings focused primarily on operational-level information and not industry specific, we believe the HITRUST C3 is the only service that takes into account the critical need in the healthcare industry for both technical and management intelligence reporting and education," said Roy Mellinger, chief information security officer, WellPoint.

An increasingly critical area in need of additional protections is the unauthorized access to medical devices and electronic health records, and the need for better security and controls incorporated into these systems. While evolving regulations and vendor actions are beginning to address cybersecurity issues, much work remains to understand and remediate cybersecurity vulnerabilities in networked medical devices and complex electronic health record systems.

The HITRUST C3's unique ability to characterize both the complex targeted systems and the capabilities and motivations of potential threat actors provides an unprecedented capability to identify threats as they emerge and before an attack. This capability includes being able to track a threat's actions against health information systems and devices using automated collection and analysis tools, in addition to existing cyber intelligence gathering. The new and enhanced offerings available through the HITRUST C3 will address cyber threats being planned against these systems and potential targeted organizations, as well as other critical needs facing the healthcare industry.

"Medical devices introduce cyber risk; thus, with thousands of devices residing in an average hospital, the knowledge on what devices are being targeted and how is crucial in managing that risk," said Michael Pinch, chief information security officer, University of Rochester Medical Center.

The monthly threat briefings offered through the HITRUST C3 are also being enhanced to allow participants to garner greater and more actionable knowledge on recent and prospective cyber threats and events. Participants may use the briefings to interact with HITRUST C3 analysts to better understand the information being presented, shared and discussed. To help familiarize organizations with the concepts and resources available through the HITRUST C3 and better aid the industry in the use of cyber threat intelligence, HITRUST is offering complimentary access to the December Threat Briefing to any qualified healthcare organization. To request access to the December 13 Threat Briefing, please visit http://tinyurl.com/k87zj2q.

Subscribers to the HITRUST C3 have options for real-time alerting and daily, weekly and monthly products and services. A basic subscription level has been added to the HITRUST C3 to ensure the service is supporting the needs of the entire healthcare industry without a significant cost barrier.

For additional information on the items discussed in this release, please use the following resources:

· HITRUST C3 - Visit HITRUSTAlliance.net/c3.

· December Monthly Threat Briefing – to participate, please visit http://tinyurl.com/k87zj2q


The Health Information Trust Alliance (HITRUST) was born out of the belief that information protection should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST, in collaboration with healthcare, business, technology and information security leaders, has established the CSF, a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. Beyond the establishment of the CSF, HITRUST is also driving the adoption of and widespread confidence in the framework and sound risk management practices through awareness, education, advocacy and other outreach activities. For more information, visit HITRUSTAlliance.net.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights