Health IT, Hospitals

Intermountain, U. Utah to open cybersecurity center with 3 others

Intermountain Healthcare CIO Marc Probst dropped this news — but not the names of the other partners — Monday at the 13th annual World Health Care Congress in Washington.

Marc Probst

Marc Probst

With cyber threats getting more nefarious by the day, Intermountain Healthcare, the University of Utah and three other large healthcare organizations are going to collaborate on a security operations center to deal with the looming menace to the whole industry.

Intermountain CIO Marc Probst dropped this news — but not the names of the other partners — Monday at the 13th annual World Health Care Congress in Washington. “They’re all names you’ve heard of,” Probst promised.

Probst was speaking at a session about avoiding data breaches and strengthening health information security.

He explained how Salt Lake City-based Intermountain built a 24/7 security operations center about two years ago.”It’s really been successful,” Probst reported. Others saw this and contacted him about a collaboration. The result is the forthcoming joint security center that will be formally announced soon and housed at the University of Utah.

The idea is to share a “playbook” and resources on information security in an effort to head off the growing threats that face healthcare organizations. “The hackers only have to get it right once and you’re in trouble. We have to get it right every time,” Probst explained.

This job is made more difficult by the fact that hackers are getting more sophisticated and changing tactics rapidly.

“The old strategies just aren’t going to work,” Probst said. He indicated that Intermountain is moving from protecting the perimeter of its IT infrastructure to anticipating the next attack. “You’ve got to have good processes in place, and a lot of this means you have to have good humans in place,” he said.

He spoke of some surprising realities. Notably, mobile devices are prime targets, even at the enterprise level. Probst noted that Apple’s iOS is more vulnerable than Windows is today. And while ransomware has grabbed headlines in healthcare over the last two months, it’s not Intermountain’s top concern. “Right now our biggest issue? Phishing, by far,” Probst said.

That is, of course, evolving. “It’s clearly gone from hacker to attacker,” Probst noted. “It’s no longer a kid sitting in the basement.”

Also, no longer is Intermountain being passive about security. “We now have to come up with better tactics,” Probst noted.

Eight years ago, Intermountain lost an unencrypted laptop and spent a lot of money to try to find it. “That woke us up,” Probst said.

Soon after, University of Utah Health Care had some unencrypted backup tapes stolen. Probst realized that Intermountain didn’t encrypt its backup tapes, either. “Two weeks later, they were encrypted,” he said.

The desire to be proactive led to the security operations center and, ultimately, to the new collaboration. The risk of a breach is too high. “I would rather our data center go completely dark, turned off, than have a major breach,” Probst said.