Skip to main content
Subscribe
  • Sign Up Free
  • Login
  • Subscribe
  • News
    • Current News
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • Digital Health
    • Transformation
    • ESG
    • People
    • Regional News
    • Digital Edition (Web Version)
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Midwest
    • Northeast
    • South
    • West
  • Opinion
    • Bold Moves
    • Breaking Bias
    • Commentaries
    • Letters
    • Vital Signs Blog
    • From the Editor
  • Events & Awards
    • Awards
    • Conferences
    • Galas
    • Virtual Briefings
    • Webinars
    • Nominate/Eligibility
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • Best Places to Work in Healthcare
    • Excellence in Governance
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top 25 Emerging Leaders
    • Top Innovators
    • Diversity in Healthcare
      • - Luminaries
      • - Top 25 Diversity Leaders
      • - Leaders to Watch
    • Women in Healthcare
      • - Luminaries
      • - Top 25 Women Leaders
      • - Women to Watch
    • Digital Health Transformation Summit
    • ESG: The Implementation Imperative Summit
    • Leadership Symposium
    • Social Determinants of Health Symposium
    • Women Leaders in Healthcare Conference
    • Best Places to Work Awards Gala
    • Health Care Hall of Fame Gala
    • Top 25 Diversity Leaders Gala
    • Top 25 Women Leaders Gala
    • - Hospital of the Future
    • - Value Based Care
    • - Hospital at Home
    • - Workplace of the Future
    • - Digital Health
    • - Future of Staffing
    • - Hospital of the Future (Fall)
  • Multimedia
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Video Series - The Check Up
    • Sponsored Video Series - One on One
  • Data Center
    • Data Center Home
    • Hospital Financials
    • Staffing & Compensation
    • Quality & Safety
    • Mergers & Acquisitions
    • Data Archive
    • Resource Guide: By the Numbers
    • Surveys
    • Data Points
  • Newsletters
  • MORE+
    • Contact Us
    • Advertise
    • Media Kit
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Technology
December 05, 2015 12:00 AM

Commentary: Intelligence sharing, collaboration essential to eliminate cyberthreats in healthcare

Daniel Nutkis
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print
    Daniel Nutkis is the founder and CEO of the Health Information Trust Alliance, or HITrust.

    It's time for a new level of collaboration within the healthcare industry to promote and improve cyberthreat preparedness and response. There is ample evidence that one of the best ways to recognize and prepare for a cyberbreach or other event is to share threat intelligence. Protecting personal health information from cyberthreats is no exception.

    The Health Information Trust Alliance, or HITrust, has been an industry pioneer in cyberthreat information sharing among trusted peers. It was the first healthcare-based information-sharing and analysis organization, through its Cyber Threat XChange (CTX), which is offered to all healthcare organizations free of charge.

    HITrust's analysis of activity through CTX has revealed substantial gaps in how healthcare organizations identify and share crucial cyberthreat information, which security professionals refer to as indicators of compromise, or IOCs. It's important to note that only a small percentage of organizations—just 5%—contributed these important IOCs to the CTX, while 85% of organizations simply identified or reviewed them during the same sample period.

    This shows that the vast majority of organizations are either unwilling or unable to contribute or share the threat indicators they have identified at their organizations for the greater good of the industry, yet they want those shared by others.

    The results of this report should send a clear message to everyone in the healthcare industry to get more engaged in programs that include cyberthreat intelligence sharing, and help ensure security is a top priority for all stakeholders. We know it's certainly a high priority for the patients they serve.

    The mantra for physical security is, “If you see something, say something.” The same posture and diligence should be adopted in the healthcare industry regarding cybersecurity.

    Passive, weak or a complete lack of collaboration will simply not help us protect the sacred trust that patients have given to their care providers and others with whom they communicate their most personal information. Every week, we hear about “bad actors” seeking out personal health information. We must find a way to work collectively and to aggressively outthink and outmaneuver those bad actors.

    Many organizations cite resource limitations, legal concerns, corporate policies or similar constraints to explain why they don't share their IOCs with the industry, but these concerns and risks have been addressed in collaboration with leading industry organizations that understand the need and importance of sharing.

    Simply put, this is a time for radical collaboration, where everyone is proactively watching out for everyone else, not just waiting for others to take the initiative. We need both good leaders and good collaborators.

    We, individually and collectively, know the value of information-sharing, but without full participation, the important benefits cannot be realized. That's why HITrust is issuing a call to action for our industry to help advance cyberthreat intelligence sharing.

    How do we do this?

    Interested in submitting a Guest Expert op-ed? View guidelines at modernhealthcare.com/op-ed. Send drafts to Assistant Managing Editor David May at [email protected]

    Organizations must share cyber-threat indicators to fulfill their roles for the benefit of all. Legislators and government can help by ensuring that there are adequate liability protections and incentives to encourage the sharing of cyberthreat information.

    Yes, there are resource and financial limitations that must be considered, but we need to take advantage of all opportunities to leverage information- security technologies and outsourced services, where appropriate, to raise the bar and improve efficiencies.

    In addition, we must enhance and improve key areas of security and risk management, such as:

    • Adopting more agile information-security control frameworks that provide cybersecurity guidance
    • Synchronizing a wide range of regulations and best practices
    • Seeking better threat-intelligence sharing and collaboration between government and the private sector
    • Adopting uniform risk-assessment guidance to ensure the effectiveness of security programs
    • Granting safe harbors and incentives for organizations that step up and demonstrate compliance with recognized information-security frameworks
    As with all threats in all industries—none more important than healthcare—radical collaboration is the key. I am calling on everyone to watch out for each other by getting actively engaged in cyberthreat sharing, cyberpreparedness and response exercises, and participating in the standards development process to improve the resources available for the benefit of our industry and our nation.

    Remember, as it relates to protecting health information, “If you see something, share something.”

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    Chat-GPT-healthcare-2.png
    Why Boston Children's wants to hire a ChatGPT expert
    Screen Shot 2018-12-19 at 1.36.49 PM.png
    GE HealthCare stock drops despite revenue growth
    Most Popular
    1
    More healthcare organizations at risk of credit default, Moody's says
    2
    Centene fills out senior executive team with new president, COO
    3
    SCAN, CareOregon plan to merge into the HealthRight Group
    4
    Blue Cross Blue Shield of Michigan unveils big push that lets physicians take on risk, reap rewards
    5
    Bright Health weighs reverse stock split as delisting looms
    Sponsored Content
    Health IT Strategist (HITS) Newsletter: Sign up for the latest IT and medical technology news delivered 3 days a week (M, W, F).
     
    Get Newsletters

    Sign up for enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today
    MH Magazine Cover

    MH magazine offers content that sheds light on healthcare leaders’ complex choices and touch points—from strategy, governance, leadership development and finance to operations, clinical care, and marketing.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS

    Our Mission

    Modern Healthcare empowers industry leaders to succeed by providing unbiased reporting of the news, insights, analysis and data.

    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Advertise with Us
    • Ad Choices Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2023. Crain Communications, Inc. All Rights Reserved.
    • News
      • Current News
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • Digital Health
      • Transformation
        • Patients
        • Operations
        • Care Delivery
        • Payment
      • ESG
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition (Web Version)
    • Opinion
      • Bold Moves
      • Breaking Bias
      • Commentaries
      • Letters
      • Vital Signs Blog
      • From the Editor
    • Events & Awards
      • Awards
        • Nominate/Eligibility
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • Best Places to Work in Healthcare
        • Excellence in Governance
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top 25 Emerging Leaders
        • Top Innovators
        • Diversity in Healthcare
          • - Luminaries
          • - Top 25 Diversity Leaders
          • - Leaders to Watch
        • Women in Healthcare
          • - Luminaries
          • - Top 25 Women Leaders
          • - Women to Watch
      • Conferences
        • Digital Health Transformation Summit
        • ESG: The Implementation Imperative Summit
        • Leadership Symposium
        • Social Determinants of Health Symposium
        • Women Leaders in Healthcare Conference
      • Galas
        • Best Places to Work Awards Gala
        • Health Care Hall of Fame Gala
        • Top 25 Diversity Leaders Gala
        • Top 25 Women Leaders Gala
      • Virtual Briefings
        • - Hospital of the Future
        • - Value Based Care
        • - Hospital at Home
        • - Workplace of the Future
        • - Digital Health
        • - Future of Staffing
        • - Hospital of the Future (Fall)
      • Webinars
    • Multimedia
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Video Series - The Check Up
      • Sponsored Video Series - One on One
    • Data Center
      • Data Center Home
      • Hospital Financials
      • Staffing & Compensation
      • Quality & Safety
      • Mergers & Acquisitions
      • Data Archive
      • Resource Guide: By the Numbers
      • Surveys
      • Data Points
    • Newsletters
    • MORE+
      • Contact Us
      • Advertise
      • Media Kit
      • Jobs
      • People on the Move
      • Reprints & Licensing