Sharing data critical to counter cyber risk


The effective and timely sharing of information with government is crucial in the fight to reduce cyber risk. That is the view of Daniel Nutkis, chief executive officer of the Health Information Trust Alliance (HITRUST).

The HITRUST Cyber Threat Intelligence and Incident Coordination Center (C3) focuses on active threat intelligence, information sharing and incident response. It has a cyber threat information sharing agreement with the Department of Health and Human Services and also participates in the Department of Homeland Security (DHS) Critical Infrastructure Sharing and Coordination Program.

“There is no doubt in my mind that the sharing of cyber threat information and coordinated incident response has benefited both industry and government,” said Nutkis. “Leaders in industry and government deserve credit for recognizing the importance of this effort, and working to establish and enhance a model through the HITRUST C3 for collaboration, information sharing and threat response.”

HITRUST recently set up a new health information working group aimed at supporting the White House Cybersecurity Executive Order issued on February 12th 2012.

The group will be known as the HITRUST Cybersecurity Working Group. It will initially focus on the need to establish a set of standards, methodologies, procedures and processes that align policy, business and technological approaches to address cyber risk, bringing together government and industry with the common aim of improving cyber security in healthcare.

"The Department of Health and Human Services has first-hand experience that collaboration with industry can provide value to both industry and government,” said Kevin Charest, chief information security officer, Department of Health and Human Services.

“Our active participation in the HITRUST C3 allows us to share important cyber threat information, interact in a trusted forum with other healthcare organizations, and receive similar information in return. We look forward to participating with industry in the HITRUST Cybersecurity Working Group on cyber security best practices.”

cyber risk, sharing data, HITRUST