Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

7/24/2012
08:48 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

HITRUST Expands Cybersecurity Center With Launch Of First Cyber Threat Analysis Service For Healthcare Industry

Service is a new component of the recently announced HITRUST Cybersecurity Incident Response and Coordination Center

Frisco, TX – July 24, 2012 – The Health Information Trust Alliance (HITRUST) today launched the HITRUST Cyber Threat Analysis Service (C-TAS), a unique collaborative platform for cyber defense specific to the healthcare industry and a new component of the recently announced HITRUST Cybersecurity Incident Response and Coordination Center. HITRUST C-TAS participants represent the full spectrum of the healthcare ecosystem such as health systems, health plans, pharmacy benefit managers (PBMs), pharmacies and pharmaceutical manufacturers, as well as government organizations such as the Department of Health and Human Services (DHHS) and the Department of Veterans Affairs (VA). By combining world-class intelligence analysis capability with broad industry collaboration, a “community defense" model can be achieved.

The HITRUST C-TAS represents a major step for the healthcare industry in proactively protecting vital electronic health data and the nation’s critical infrastructure against cyber crime, cyber espionage and cyber activism. It also represents an industry first in tracking vulnerabilities for electronic health record systems (EHRs) and medical devices. These systems are critical for continuing industry operations and reducing vulnerabilities that could cause disruption is a key priority. HITRUST is tackling a crucial problem not addressed by other services.

Attacks against healthcare information systems - which are inherently vulnerable to unauthorized access and contain personal health information, consumer data, intellectual property and trade secrets - are increasing exponentially and becoming more sophisticated and targeted. Data breaches in healthcare jumped more than 30 percent from 2010 to 2011 and the average economic impact of a data breach was $2.2 million, including an increase from 20 to 30 percent of respondents reporting criminal attacks as the root cause, according to the December 2011 Second Annual Benchmark Study on Patient Privacy & Data Security by Ponemon Institute.

With the Cyber Threat Analysis Service, HITRUST aims to deliver:

·

A comprehensive set of cyber threat intelligence specific to the healthcare industry: Monitoring or “listening” for healthcare specific threats and risks

·

A trusted community-based platform: Vulnerability reporting, knowledge sharing and collaboration without attribution to victim organizations

·

Support of best practices: Structured deliverables, in the form of research, reports and briefings for multiple user groups: operations, investigators, and chief information security officers

“The level of collaboration we are experiencing across the healthcare industry and with government agencies, EHR vendors and medical device manufacturers is unprecedented and reflects the importance to the industry,” said Daniel Nutkis, chief executive officer, HITRUST. “The HITRUST C-TAS is a major step forward in the availability of tools and knowledge for organizations to prepare and respond to cyber incidents, and to better protect this critical industry.”

Identified as one of the 18 critical infrastructure sectors by the Department of Homeland Security (DHS), healthcare and public health (HPH) constitutes 17 percent of the Gross National Product and protects all sectors of the economy. The sector is unique in that the vast majority of the assets are privately owned and operated, yet at the same time highly interconnected, making collaboration and information sharing between public and private organizations essential to increasing resilience of the nation's HPH critical infrastructure.

The HITRUST Cybersecurity Incident Response and Coordination Center is coordinating with the DHS for participation in the Critical Infrastructure Information Sharing and Collaboration Program (CISCP). In addition, it is developing processes for information sharing with the Homeland Infrastructure Threat and Risk Analysis Center (HITRAC) in order to enable greater collaboration and information sharing between industry and government, and to enable better preparedness and response to threats targeted against all of critical infrastructure, including the healthcare industry and its assets.

The HITRUST C-TAS is the result of a partnership with iSIGHT Partners, a global cyber intelligence firm supporting leading commercial entities and federal, state, and local government organizations. “Cyber threats targeting the healthcare sector are very unique and it’s important to craft sector-specific threat intelligence capabilities and products,” commented John Watters, chief executive officer, iSIGHT Partners. “‘One company’s detection is the next company’s prevention,’ and in this spirit we are working together as a community and leveraging our collective capabilities and insights to help the industry navigate its adaptive threat environment.”

Support for HITRUST Cyber Threat Analysis Service

“As EHR systems have evolved and matured into a critical component in the delivery and management of patient care, it is important that the method for managing and communicating security vulnerabilities matures as well,” said Michael Wilson, vice president and chief information security officer, McKesson. “McKesson is committed to working closely and effectively with our customers when it comes to security of our products. Helping establish a robust and uniform approach to vulnerability submission and reporting for EHRs benefits not only our customers, but the entire industry.”

“With tens of thousands of medical devices in use in our facilities across the country, being able to protect these devices from cybersecurity threats is a key priority for us,” said John Oswalt, associate deputy assistant secretary for Policy, Privacy & Incident Response, the Department of Veterans Affairs. “Having a resource that allows us to have a standardized approach to communicating and understanding security concerns with these devices and to collaborate with experts, device manufacturers and others in industry to better protect them is a major step forward for the entire industry. We are happy to be playing a role in making it happen.”

“When the first discussions occurred last year on the creation of an industry C-TAS, I strongly supported the goal as I saw this as a crucial tool for the industry,” said Roy Mellinger, vice president and chief information security officer, WellPoint. “The resources offered from threat intelligence and analysis targeted specifically at healthcare and healthcare related systems to threat reports and alerts allows every organization to benefit by making information more targeted, readily accessible and meaningful.”

"The healthcare industry is continuing to evolve and change at a rapid pace, and with that, comes the advent of advanced technology which allows the entire system - including payers, providers and members - to have a more cohesive, coordinated and comprehensive continuum of care. In order to prevent and combat fraud or security issues, we need to be more proactive as an industry. By collaborating on best practices, we will be able to prevent and rectify security threats while, at the same time, allowing innovation to continue,” said Raymond Biondo, vice president and chief information security officer, Health Care Service Corporation.

HITRUST Cyber Threat Analysis Service Use Cases and Deliverables

Most healthcare information security professionals are finding that it is not economically viable to create and manage their own comprehensive threat intelligence center, where they have to rely on commercial threat feeds and try to find signals in the noise that relate to their industry and their organization. With the HITRUST C-TAS, organizations can address these core use cases: 1) Verified Threats; 2) Sector-Specific Technical Analysis; 3) Technology Risk Analysis; and 4) Business Risk Analysis.

Subscribers can choose from four tiers of pricing that packages a combination of or all five deliverables:

Healthcare Incident & Malware Reports: Intelligence reports with technical analysis for professionals performing security operations and technical investigations – based on real world attacks against healthcare entities.

Healthcare Vulnerability Research: Intelligence reports with technical analysis for professionals managing IT vulnerabilities. Includes analysis of vulnerabilities in technologies commonly used in the healthcare sector, such as medical device technologies, electronic health record or electronic medical record systems, and supporting technologies.

Healthcare Industry Threat Report: Intelligence reports to provide contextual analysis to information security professionals, chief information security officers and other stakeholders regarding emerging threats to the healthcare industry so they can prioritize investments in information security initiatives.

Healthcare Malware Research: Technical support for professionals performing security operations and technical investigations so they can receive more information on unidentified or suspected malicious software.

Healthcare Threat Briefing: Forum for chief information security officers to receive updates from security intelligence analysts regarding emerging threats to the healthcare industry so that they can prioritize investment in information security initiatives.

To download a brochure with more details, pricing and availability visit: http://www.hitrustalliance.net/c-tas/.

About HITRUST The Health Information Trust Alliance (HITRUST) was born out of the belief that information security should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST, in collaboration with healthcare, business, technology and information security leaders, has established the Common Security Framework (CSF), a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. Beyond the establishment of the CSF, HITRUST is also driving the adoption of and widespread confidence in the framework and sound risk management practices through awareness, education, advocacy and other outreach activities. For more information, visit www.HITRUSTalliance.net.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
The Data-Centric Path to Zero Trust
Altaz Valani, Director of Insights Research, Security Compass,  1/13/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).