When it comes to healthcare security, media attention is usually focused on the mega breaches – think Anthem, Premera and, most recently, Banner Health. But there is a long tail of smaller organizations who also need help. That’s where the Health Information Trust Alliance (HITRUST) has expanded its focus. Its latest initiative, CyberAid, is designed specifically to help smaller healthcare organizations protect themselves from ransomware, data breaches and other major threats.
Trend Micro has been helping organizations in this sector for years, so we’re honored to have been chosen as the vendor for this worthy new program. And we can’t wait to get our Cloud Edge and Worry-Free products into the hands of those organizations most in need as soon as possible.
Healthcare under fire
According to the Office of Civil Rights (OCR) there were more than 250 healthcare breaches affecting 500 individuals or more in 2015. They resulted in the loss of over 100 million records. Separate research carried out by the Ponemon Institute claimed that nearly 90% of healthcare organizations suffered at least one data breach in the past two years – at an average cost of $2.2 million per incident.
Unfortunately, that’s just the tip of the iceberg. Organizations in this sector – most notably the Hollywood Presbyterian Medical Center – have become increasingly popular targets for ransomware. That institution was forced to pay thousands to get its most critical data back – but not before being forced to cancel patient treatments as a result of systems going offline. Like data breaches, these incidents can end up spiralling out of control, taking down the organization’s hard won reputation and leading to costs beyond the initial remediation and clean-up.
Why are healthcare organizations so interesting to the black hats? A combination of heterogeneous IT systems, outdated and underfunded security, and the lure for cybercriminals of plenty of lucrative data, all go some way to explaining the problems facing the industry. It doesn’t help that some systems are thought too mission critical to patch, further increasing the attack surface.
Making security simple
HITRUST was set up to make a difference in this space through initiatives like HITRUST CSF, a certifiable framework designed to improve security best practice in this space. Another initiative, the HITRUST Cyber Threat Exchange (CTX) enables the sharing of actionable threat information (IOCs) to better fortify participant organizations. HITRUST also piloted an innovative approach to collect more, better and faster IOCs, Trend Micro’s Deep Discovery product was central to the success of this project – rolled out to scores of organizations in the pilot scheme.
Now it’s time for CyberAid, a program focused on providing protection to smaller healthcare organizations with limited technical and financial resources. Its criteria for selecting security solutions for these organizations is strict. They must be:
Trend Micro’s Cloud Edge and Worry-Free solutions excel in all of the above areas. It’s hassle-free security at its best designed to offer next gen protection from network breaches, endpoint threats and business disruption. Cloud Edge, a hybrid solution leveraging an on-premise physical appliance as well as our cloud technologies for better performance, stops threats at the gateway, managed from a single console via a simple and intuitive UI. Finally a network appliance bringing Enterprise class security capabilities, proven to protect against ransomware and other threats, to smaller organizations within a single, form factor. And Worry-Free is the number one rated endpoint security platform to protect users and assets from malware and data loss. Staff use a centralized console to manage devices and set policies with ease.
Both are simple to deploy and require virtually zero ongoing administration – exactly what the doctor ordered.
Trend Micro is thrilled to be working with HITRUST on the new CyberAid program. Pediatric healthcare provider Children’s Health is the first engagement partner or CyberAid Community Advocate to get on board and so far, 80 physician practices have signed up. But it certainly doesn’t stop there – HITRUST is expanding the program nationally and we will be there to support HITRUST and the healthcare industry.
To find out more about HITRUST CyberAid, click here.