Vendor Notebook: Clearwater, BreachLock launch new cyber threat hunting services

It’s no secret that healthcare organizations are taking heavy fire from cyberattacks across their vast IT surfaces. Regulators require ever higher levels of cyber hygiene and defense maturity to protect patients and patient data better and prevent disruption of critical health services by ransomware.

In December, U.S. Health and Human Services also suggested civil monetary penalties for healthcare organizations that are found to have violated HIPAA as the result of an attack, adding another layer of digital complexity to health services. While the American Hospital Association and others have pushed back on HHS for its proposal to penalize hospitals after attack-driven data breaches, software vendors and technology consultants are busier than ever looking at how they can intervene and provide products and services that both defend against attacks and maintain compliance with mandatory and proposed cybersecurity requirements.

Many companies offer managed detection and response to improve cyber posture and shield healthcare organizations, and experts say surveillance strategies, like pen testing, are key to HIPAA compliance. This week, Clearwater announced a new partnership that has already paid dividends to one regional hospital and BreachLock, which offers an automated Penetration Testing as a Service platform, said its cyber defense capabilities will soon interface with cloud platforms.

Akamai, which offers cloud computing and security services, released a product that stops scraping attacks without blocking “good” traffic to websites – including patient portals that are entry points to troves of protected health data.

Clearwater and 1stResponder partner on MDR 

Clearwater announced its new 24/7 threat hunting and monitoring partnership with 1stResponder, a digital forensics and incident response consultant for the healthcare, government and financial services industries.

With the new program, Clearwater expands its incident response capabilities, leveraging 1stResponder’s ability to rapidly deploy MDR services for healthcare organization endpoints, network and hybrid-cloud environments, the company said in its announcement Tuesday.

For smaller healthcare organizations considered to be among the most vulnerable to cyberattacks, the program can improve cyber resiliency by filling security and compliance gaps that many health systems and providers have, such as security leadership, risk analysis, technical testing capabilities – like tabletop exercises that build “muscle memory” – and more, Clearwater said.

The company also noted that one regional hospital recovered from a cyberattack, resumed operations and could prevent future attacks through digital forensics, continuous 24/7 security monitoring and other services offered through the partnership.

“Effective risk management, monitoring, detection and response, as well as incident response capabilities, tailored to the needs of healthcare, are key components of a strong and resilient cybersecurity program for healthcare providers and digital health companies,” Clearwater CEO Steve Cagle said in a statement.

BreachLock takes automated pen testing to cloud platforms

As part of a larger expansion of its automated PTaaS platform and attack surface management suite, BreachLock said Monday it will introduce SaaS Security Audit and Cloud Security Audit services for cloud-based services, applications and data.

In addition to launching new pen testing services for security control validation, the company announced it is also bringing human-delivered, artificial intelligence-powered and automated attack-surface management and Red Teaming as a Service to cyber-vulnerable organizations. 

“Having conducted hundreds of thousands of penetration tests, ASM scans and automated testing for customers across different industries, our AI-driven data contains comprehensive intelligence on vulnerabilities, exploits, threats and remediation best practices to make real-time inferences or intelligent decisions regarding security testing results,” Seemant Sehgal, BreachLock’s CEO and founder, said in a statement. 

Akamai releases content protector to stop scraping attacks

For years, cybercriminals have conducted patient portal attacks on a massive scale with bots that test stolen login credentials and then harvest the information from the accounts they can break into.

Data scraping can expose PHI. By 2016, 96% of log-in pages overall were hit with bad bots, according to researchers at Imperva.

Rupesh Chokshi, senior vice president and general manager of application security at Akamai, said in a statement Tuesday that the new tool safeguards an organization’s digital assets from scraping threats.

It provides protocol fingerprinting and application-level assessment, assesses user behavior and interactions and provides risk classifications of site traffic based on the anomalies found, Akamai said.

“Content Protector is more than just a security tool; it’s a business enabler,” Chokshi said. 

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org
Healthcare IT News is a HIMSS Media publication.