Cybersecurity Can be Improved with Info Sharing, Says NH-ISAC

A new intelligence platform from the National Health Information Sharing & Analysis Center (NH-ISAC) looks to make cybersecurity easier for organizations. Specifically, NH-ISAC wants to use cyberthreat information sharing to company security issues.

The new NH-ISAC Threat Intelligence Platform uses technology from security vendors and leverages standards such as Structured Threat Information eXpression, or STIX, and Trusted Automated eXchange of Indicator Information, or TAXII, according to a Gov Info Security article.

“We expect this platform will provide our members with greater and earlier insight into new attack patterns, whether it is social engineering, spear phishing, or malware,” said NH-ISAC Executive Director Deborah Kobza.

NH-ISAC and its members can communicate threats information to one another, Kobza told the news source, adding that attack vectors will be more evolved in 2015. Therefore, it’s “necessary to use tools which allow you to identify incidents quicker and with the higher level of confidence that comes from shared threat intelligence.”

The new system lets NH-ISAC members automate their cybersecurity information sharing, while leveraging structured formats compliant to STIX and TAXII, Kobza explained. Members can then use the gathered intelligence according to their own security policies.

“We need to be doing more to work together to share information that can improve the overall resiliency of the healthcare sector, particularly as the threats themselves continue to evolve,” Kobza said. “It’s our belief that this platform will allow members to both easily consume threat intelligence as well as provide a secure platform to exchange identified threat indicators among their peers.”

Similarly, HITRUST launched its own cybersecurity platform earlier this year. Cyber Threat XChange (CTX) is a detection and warning system for the healthcare industry. The HITRUST platform will “automate the process of collecting and analyzing cyber threats,” according to an agency press release. Moreover, HITRUST CTX will distribute “actionable indicators in electronically consumable formats that organizations of almost all sizes and cyber security maturity can utilize to improve their cyber defenses.”

“HITRUST CTX is component of a larger HITRUST strategy to safeguard the healthcare industry from cyber threats and minimize disruptions associated with cyber attacks,” HITRUST CEO Daniel Nutkis said in a statement. “Other components of the strategy include HITRUST C3, a cyber threat intelligence and incident coordination center, and CyberRX, industry cyber preparedness exercises, as well as timely updates to the HITRUST CSF to ensure existing security control guidance reflects cyber threats, and free monthly cyber threat briefings.”

The American Hospital Association (AHA) recently wrote a letter that echoed the NH-ISAC collaboration sentiments. Specifically, the AHA wants the Food and Drug Administration (FDA) to hold medical device manufacturers accountable for healthcare security. The FDA should also encourage manufacturers to participate in existing activities to share information on cyber risk in the healthcare and public health sector (HPH), the letter stated.

Medical device manufacturers should also participate in existing information sharing activities, including but not limited to such the Healthcare and Public Health Sector Coordinating Council, the Healthcare and Public Health Information Sharing and Analysis Center (NH-ISAC) and the Health Information Trust Alliance (HITRUST), wrote AHA Senior Vice President of Public Policy Analysis and Development Linda Fishman.