HITRUST partners with DHS to form cyber threat platform


HITRUST partners with DHS to form cyber threat platform

Titima Ongkantong/Shutterstock

The Health Information Trust Alliance (HITRUST) has become the first healthcare information-sharing organization connected and sharing cyber threat indicators with the Department of Homeland Security’s (DHS) Automated Indicator Sharing (AIS) program.

The HITRUST Cyber Threat XChange (CTX) is now fully integrated with AIS and supports bi-directional cyber threat indicator exchange with AIS to aid organizations in reducing their cyber risk.

Given the recent rise in cyber threats targeting the healthcare industry, HITRUST believes bi-directional integration into the AIS program will ensure that relevant and timely cyber threat information (CTI) from HITRUST and government are available, ultimately bolstering the overall cyber posture of the nation’s entire critical infrastructure.

DHS’s AIS capability enables the exchange of cyber threat indicators between the federal government and the private sector at machine speed. AIS is part of DHS’s effort to create an ecosystem where, as soon as an organization or federal agency observes an attempted compromise, the CTI will be shared in real time through AIS to more effectively protect organizations from that particular threat.

“The AIS integration shows that HITRUST continues to evolve, improve, and lead by example by innovating and ensuring cyber threat information sharing is providing the most value to the broadest group of constituents while reducing overall cyber risk,” said Daniel Nutkis, chief executive officer, HITRUST.

“In addition to helping CTX participants overcome technical challenges, we wanted to educate them on the value of AIS and assure them that any information shared is anonymized in order to reduce liability concerns, while affording them the liability protection provided under the Cybersecurity Information Sharing Act.”

HITRUST, Department of Homeland Securities, US, Automated Indicator Sharing, Healthcare, Risk management, Cyber risk, Technology, IT, Daniel Nutkis