HHS CISO talks new threat briefings, alerts for health industry

Share this article:
HHS CISO talks new threat briefings, alerts for health industry
The new threat alert system for the health care industry will enhance cyber readiness.

The U.S. Department of Health and Human Services' CISO shared how a new threat alert system for the health care industry will enhance the cyber readiness of the public and private sectors.

On Thursday, Kevin Charest spoke to SCMagazine.com about the initiative – a partnership effort between DHHS and the Health Information Trust Alliance (HITRUST).

The agency and HITRUST, which helped establish the Common Security Framework for protecting personal health and financial data, also teamed up earlier this year to announce ongoing cyber attack exercises, dubbed “CyberRX,” to test the industry's threat preparedness.

Now, the entities have announced that they will conduct monthly cyber threat briefings to help organizations understand risks impacting the industry. In addition, an alert system established by HITRUST, called “C3 Alert” will also be available to notify organizations of threats.

The alert system was designed to pinpoint high probability and high impact cyber threats targeting the industry, according to a release on the initiative.

In a Thursday interview, Charest told SCMagazine.com that the joint effort was born out of DHHS and HITRUST's continued collaboration in sharing basic threat information impacting the health care sector. Both entities have erected threat centers, he added.

“We don't have the ability to issue alerts to any and everybody, but what [DHHS] can do, and what we are doing, is partnering with folks like HITRUST who have a constituency,” Charest said, later adding that the system would become “self sustaining” with the input and feedback.

A press release explained that the free cyber alerts are to be issued anytime HITRUST Cyber Threat Intelligence and Incident Coordination Center (C3) “identifies a present and immediate cyber threat relevant to a large number of health care organizations, medical devices or systems.”

Page 1 of 2
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.