HITRUST is undertaking the first empirical and comprehensive study, called HITRUST Cyber Discovery, to analyze the methods, severity and pervasiveness of cyber threats targeting a variety of healthcare organizations.

The study will enable a better understanding of the actual magnitude, complexity, relations of cyber-attacks, commonalities of target organizations and data, and degree of cyber threats persisting within organizations.

The goal is to accurately identify attack patterns and persistence, as well as the magnitude and sophistication of specific threats across enterprises.

The HITRUST Cyber Discovery Study will serve as an industry benchmark in the fight against cyber attacks, including data collection, analysis and reporting. Approximately 210 health plans and provider organizations will be recruited to participate in the study.

The research scope of the study will include:

  • Detection of advanced persistent threat and perpetrators
  • Analysis and forensics of malware and other threats
  • Attacks against specific data, organizations and industry segments

HITRUST will provide participants with software, hardware and expertise to detect, analyze and monitor networks free of charge for the study’s duration, which is expected to be approximately 90 days. HITRUST has selected Trend Micro to provide the support services and tools leveraging its Trend Micro Deep Discovery technology.

Participants will benefit from having access to highly sophisticated collection and analysis tools and resources to provide detailed information regarding cyber events and threats within their environment free of charge. In return they will be required to provide anonymized data regularly to HITRUST for analytical purposes. An initial report of findings and recommendations will be published approximately four months from the launch of the study.

Registration has closed July 1, 2015.