Google Cloud is working with the Health-ISAC Threat Operations Center to develop an open-source integration that directly connects the Health-ISAC Indicator Threat Sharing (HITS) feed with Google Cloud’s Chronicle Security Operations information and event management.
Health-ISAC is a community of critical infrastructure owners and operators within the Health and Public Health sector. HITS allows Health-ISAC members to easily connect and quickly share cyber threat intelligence through machine-to-machine automation.
In July 2022, Google Cloud announced its agreement to join the Health Information Sharing and Analysis Center (Health-ISAC) as an Ambassador partner and bring Google’s cybersecurity resources to help this community of more than 750 global organizations fight back.
The HITS integration with Chronicle can help Health-ISAC members discover threats more rapidly, and can also assist in evicting malicious actors from their infrastructure. This crowd-sourced approach means that any member organization that detects a threat can automatically share that threat indicator with others, informing other members to investigate and update their defenses as needed. (Threat indicators are forensic artifacts of a present or past threat. They appear most often as suspicious files, URLs, email addresses, network addresses, sampled traffic, and activity logs.)
“The integration of Health-ISAC’s threat feed with Chronicle Security Operations is exciting to see,” said Errol Weiss, Health-ISAC’s chief security officer in a news release. “Our members can now ingest Health-ISAC’s Signature Threat Feed of member-to-member shared threat indicators into Chronicle, and use that information to help automation and threat analyst decisions when protecting critical network infrastructure.”
Join the HealthXL Masterclass on ‘Endpoints and Control Arms in Trials for DTx’ on 15th February. Click here to Request to Join.
Click here to read the original news story.