ThreatStream Joins Forces with HITRUST to Speed Detection of Cyber Threats Targeting Healthcare Industry

ThreatStream, the leading provider of an enterprise-class threat intelligence platform, today announced a groundbreaking partnership with Health Information Trust Alliance (HITRUST), the leader in information risk management supporting the healthcare industry. Through this partnership, HITRUST is offering the HITRUST Cyber Threat XChange (CTX), powered by ThreatStream, a service that streamlines cyber threat information sharing and significantly accelerates detection of and response to cyber threats targeted at the healthcare industry.

Since healthcare information has tremendous value to would-be hackers and identity thieves, the healthcare industry is increasingly the target of cybersecurity attacks. Credit card information is worth up to a few dollars on the black market; healthcare information can fetch 50-100 times more than credit card information. While credit cards can easily be cancelled, healthcare information contains addresses, employment information, social security numbers and emergency contact information that could be used to sign up for new credit cards or to commit insurance fraud.

HITRUST understands the security requirements of healthcare organizations and operates a federally recognized Information Sharing and Analysis Organization (ISAO) that includes cyber threat data from the Department of Health and Human Services (HHS) and the United States Computer Emergency Readiness Team (US-CERT). Through its partnership with ThreatStream, HITRUST is providing a platform that is enabling the healthcare industry to collaborate and share information about threats, boosting the industry’s proactive awareness of potential problems.

Now organizations can easily share indicators of compromise (IOCs) with all other participating organizations.  In addition, the ThreatStream platform at the heart of CTX supports the STIX and TAXII formats and incorporates real-time security infrastructure integration. This means that all of the organizations in the HITRUST community can easily integrate CTX with their existing security infrastructure, enabling IOCs to be easily consumable and actionable.  The standards support, and easy security infrastructure integration of CTX enables organizations of varying maturity levels to leverage its benefits, which is a significant obstacle in many information-sharing platforms.

CrowdStrike, a leading provider of next-generation endpoint protection, threat intelligence, and 24×7 monitoring and incident response services, and a ThreatStream Alliance Preferred Partner, is also collaborating and contributing threat data to the CTX that is related to specific actors that are known to target healthcare organizations.  CrowdStrike has specific domain expertise in healthcare; its threat data, provided through ThreatStream, offers rich additional contextual threat intelligence to the community of CTX users.

“We have been operating a threat intelligence sharing and incident coordination center for a number of years, which has given us a lot of experience when it comes to determining the requirements for CTX,” said Daniel Nutkis, CEO and Founder, HITRUST. “CTX has already met our expectations, as evidenced by the level of sharing of actionable threat indicators that we’ve seen across the entire industry.”

As new security threats are discovered or breaches occur, CTX participants and research organizations share relevant and actionable threat intelligence through CTX. Because the platform operates in real-time the intelligence is delivered in a timely manner and is immediately consumable by all organizations. This allows for a proactive approach to detecting any instances of the threat locally. In the short time since the HITRUST CTX has been made available to all healthcare organizations, it has become the most widely subscribed threat exchange in the healthcare industry, with over 500 participating organizations. Members have already used the CTX to create their own trusted circles for sharing threat intelligence and distributed threat indicators related to two recent major breaches, extending the value of CTX beyond the cross-industry sharing it facilitates.

“We’re very proud to partner with HITRUST to bring this innovative solution to market; it provides a new and unprecedented level of cyber protection to our nation’s healthcare organizations—and ultimately to the patients they serve,” said Colby DeRodeff, chief strategy officer at ThreatStream. “For the first time we’re seeing collaboration among major verticals, including industry, government and the security community. HITRUST understands the unique information security requirements of the healthcare industry, and the Cyber Threat XChange is further evidence of its commitment to keeping healthcare companies out of the headlines and in the business of caring for people.”

For more information, please visit:


Founded in 2007, the Health Information Trust Alliance (HITRUST) was born out of the belief that information protection should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST – in collaboration with public and private healthcare technology, privacy and information security leaders – has championed programs instrumental in safeguarding health information systems and exchanges while ensuring consumer confidence in their use.

HITRUST programs include the establishment of a common risk and compliance management framework (CSF); an assessment and assurance methodology; educational and career development; advocacy and awareness; and a federally recognized cyber Information Sharing and Analysis Organization (ISAO) and supporting initiatives. Over 84 percent of hospitals and health plans, as well as many other healthcare organizations and business associates, use the CSF, making it the most widely adopted security framework in the industry. For more information, visit

About ThreatStream

ThreatStream provides the leading enterprise class Threat Intelligence Platform, combining comprehensive threat data collection, prioritization, and analytics with secure collaboration in a vetted community. Offering the broadest enterprise security infrastructure integration available, ThreatStream enables organizations to proactively identify and combat cyber threats targeting their operations.  Headquartered in Redwood City, California, the company is privately held and has received venture capital backing from General Catalyst Partners, Google Ventures, Institutional Venture Partners, Paladin Capital Group and individual investors. To learn more, visit and follow us on Twitter @threatstream.

Write a Comment

Your email address will not be published. Required fields are marked *