HITRUST updates Cyber Threat Adaptive engine to address emerging cyber threats

HITRUST announced a comprehensive update to its Cyber Threat Adaptive engine to enable increased accuracy and timeliness of HITRUST CSF updates to address emerging cyber threats.

This update introduces advanced AI capabilities through a collaboration with Microsoft, integrating Microsoft Azure OpenAI Service and Microsoft Defender Threat Intelligence. This strategic update further advances HITRUST’s ability to provide adaptive assurance solutions that are among the most relevant and reliable available, empowering organizations to effectively manage internal and third-party cyber risks.

Today’s constantly evolving cyber threat landscape demands information security, risk, and privacy frameworks and their assurances methodologies be adaptive and relevant to the current and emerging cyber threats and information risks.

Threat actors continually modify their attack methods to defeat the latest defense strategies and to take advantage of dated or ineffective standards or best practices, which have extended development and release cycles in most cases in excess of a year.

To address this issue, HITRUST pioneered Cyber Threat Adaptive, a patent-pending engine to analyze cyber threat intelligence, breach, and loss data against the control specifications in the HITRUST CSF to ensure that the cybersecurity control specifications in the framework are appropriate to address current and emerging cyber threats. This approach enables HITRUST to add, remove, or modify controls specifications to maintain maximum relevance and effectiveness in managing cyber risk.

Key upgrades to the Cyber Threat Adaptive engine include:

• Beginning the shift of its generative AI technology to Microsoft Azure OpenAI Service, enhancing, and accelerating analytical capabilities to align control requirements with the latest threat intelligence.
• The addition of Microsoft Defender Threat Intelligence for an expanded set of tested indicators of attack and compromise.
• Cross-referencing MITRE ATT&CK’s tactics, techniques, and procedures (TTPs) to requirements in the HITRUST CSF.
• Transition to high frequency analysis (up from the previous quarterly review cycle) to inform HITRUST assessments and threat bulletins.

Recently, the company revealed in its inaugural Trust Report that less than 1% of HITRUST certified environments experienced a breach over the past 2 years. The company attributes much of its breakthrough performance to the relevance of its control set and Cyber Threat Adaptive engine.

The company further notes that the HITRUST CSF versions 11.2 and 11.3 cover 100% of the addressable TTPs (Tactics, Techniques, and Procedures), in the MITRE ATT&CK framework.

“We are particularly impressed with how HITRUST regularly updates its prescriptive controls in response to the shifting threat landscape. This is something the cyber insurance community collectively ventures to accomplish through application revamps, but these can feel static against the pace at which threats change. Cyber Threat Adaptive not only enhances our depth of knowledge around actual threats in the wild but can also aid in tailoring commercial insurance products to withstand these risks,” said Sidney Prasse, Partner at McGill and Partners, a specialty cyber insurance broker.

The enhancements to the Cyber Threat Adaptive program not only aim to provide immediate insights into vulnerabilities and mitigative guidance, but also lay the groundwork for future tools that will enable organizations and their vendors to conduct in-depth control assessments relative to specific threats.

Robert Booker, Chief Strategy Officer at HITRUST, emphasized the importance of this update, stating, “Adapting to the rapid pace of cyber threats is critical for maintaining effective standards and frameworks and it is imperative to maintaining trust. Our collaboration with Microsoft and the integration of their threat intelligence and generative AI technologies marks a significant advancement in our ongoing commitment to this goal.”

“Microsoft is committed to empowering organizations to combat cyber threats through innovative solutions. Collaborating with HITRUST in enhancing its Cyber Threat Adaptive engine reflects our shared goal of advancing cybersecurity intelligence and technology,” said David Houlding, Director, Global Healthcare Security and Compliance Strategy at Microsoft.