HITRUST, a player in information cybersecurity and compliance assurance, announced significant enhancements to its Cyber Threat Adaptive engine. It now powers a collaboration with Microsoft, utilizing Microsoft Azure OpenAI Service and Microsoft Defender Threat Intelligence. This announcement represents an evolution in HITRUST‘s approach to safeguarding against the increasingly sophisticated and dynamic nature of cyber threats.
Sidney Passe, Partner at specialty cyber insurance broker McGill and Partners, emphasized the relevance of these updates to the cyber insurance industry. “We are particularly impressed with how HITRUST regularly updates its prescriptive controls in response to the shifting threat landscape. This proactive approach not only deepens our understanding of actual threats but also aids in tailoring our insurance products to better withstand these risks,” Passe noted. This reflects a growing trend where cyber insurance providers are increasingly relying on up-to-date, intelligent frameworks to inform their policies and risk assessments.
The updated Cyber Threat Adaptive engine incorporates advanced AI capabilities and threat intelligence to refine HITRUST’s Common Security Framework (CSF) with unprecedented accuracy and speed. These enhancements ensure that the cybersecurity controls within the framework remain highly effective against current and emerging cyber threats by allowing for the rapid adjustment of control specifications based on the latest intelligence.
The integration of Microsoft’s technologies allows HITRUST to transition to high-frequency analysis, moving away from the previous quarterly review cycles. This shift promises more timely updates to HITRUST assessments and threat bulletins, providing organizations with the latest information to safeguard against cyber threats.
“Adapting to…Cyber Threats”
Significant improvements include the adoption of generative AI technology via Microsoft Azure OpenAI Service, which enhances HITRUST’s analytical capabilities. Additionally, the incorporation of Microsoft Defender Threat Intelligence offers a broader array of tested indicators for potential attacks and compromises. The framework also aligns with the MITRE ATT&CK’s tactics, techniques, and procedures (TTPs), ensuring comprehensive coverage of potential cyber threats.
Robert Booker, Chief Strategy Officer at HITRUST, stressed the importance of swift adaptation to the cyber threat landscape. “Adapting to the rapid pace of cyber threats is critical for maintaining effective standards and trust. Our collaboration with Microsoft marks a significant advancement in our commitment to ensuring cybersecurity resilience,” said Booker.
David Houlding, Director of Global Healthcare Security and Compliance Strategy at Microsoft, highlighted Microsoft’s commitment to enhancing cybersecurity measures. “Microsoft is committed to empowering organizations to combat cyber threats through innovative solutions. Our partnership with HITRUST in enhancing its Cyber Threat Adaptive engine is a testament to our shared goal of advancing cybersecurity intelligence and technology,” Houlding remarked.
HITRUST’s recent Trust Report further highlights the efficacy of these updates, which noted that less than 1% of HITRUST-certified environments experienced a breach in the last two years. Versions 11.2 and 11.3 of the HITRUST CSF now cover 100% of the TTPs identified in the MITRE ATT&CK framework.
Other News: Resilience Updates Cyber Risk Solutions with New Loss Prevention Features(Opens in a new browser tab)