Threat analysis center aims to engage smaller healthcare organizations


The National Health Information Sharing and Analysis Center (NH-ISAC) plans to use two new grants to help engage smaller healthcare organizations in threat analysis and preparedness, according to President Denise Anderson.

Earlier this month, the organization received one grant from the Health and Human Services Department's Office of the Assistant Secretary for Preparedness and Response to build infrastructure for threat-sharing, and another from the Office of the National Coordinator for Health IT to improve threat education to healthcare stakeholders.

"Our goal is to leverage what we're already doing and make it more available to everyone in the sector," Anderson told HealthcareInfoSecurity in a recent interview.

The organization has faced criticism that its work benefits mainly large organizations that can afford to participate and have more cybersecurity resources already, according to Anderson. She heard similar claims, she said, when working with the financial services ISAC.

“Some of the larger organizations within healthcare do truly look at themselves as mentors and take responsibility for security in the sector at large very seriously," Anderson said. "Their philosophy is a rising tide lifts all boats."

A number of services have been developed along those lines, including CyberFit, which involves the ISACs community, to make services available that smaller organizations might not be able to afford, such as malware analysis and penetration testing.

NH-ISAC also is looking for ways to deploy alerts more broadly to the sector. With the Hollywood Presbyterian ransomware attack, it determined the problem was a JBoss vulnerability and warned organizations they needed to disable the console. The grant, Anderson said, will mean being more focused and doing more of that even with the day-to-day sharing that goes on.

The organization plans to also provide more education through webinars and workshops. It recently co-hosted a 14-city series of events on ransomware, according to HealthcareInfoSecurity.