Platform X - Cybersecurity Threat Intelligence Sources Standard
This is the standard Platform X Procedure Template
- Purpose
- The purpose of this document is to provide the Platform X threat intelligence source standard
- The purpose of this document is to provide the Platform X threat intelligence source standard
- Definitions
- Electronic Protected Health Information (ePHI): Any individually identifiable health information protected by HIPAA that is transmitted or stored in electronic media.
- Threat Intelligence: cyber threat information that has been evaluated for its integrity and reliability, provided from a trusted entity, used to reduce uncertainty in threat identification. A security professional with extensive knowledge of a given environment can determine what pieces of threat intelligence are applicable to their specific environment.
- Standard Sources
- UW-Madison Office of Cybersecurity
- MIST meetings and MIST email distribution list information
- Cybersecurity vulnerability and threat announcements via Tech Partners
- Presentations in HIPAA Operations Committee meetings
- Multi-State Information Sharing and Analysis Center
- SANS
- SANS News Bites
- SANS "OUCH!" News Letter
- SANS Institute email distribution list
- OCR (Office for Civil Rights) Security announcements
- via the OCR Security distribution list
- via the OCR Security distribution list
- Educause Security Listserv
- CVE via Qualys
- Responsibilities
- The CHI2 Data Security Officer, in conjunction with the CHI2 system owner will review one or more of the threat intelligence sources listed in this standard, distill which announced vulnerability-threat combinations are applicable to Px and take the appropriate action based on a risk analysis score created by one or both parties.
- Tasks for addressing the vulnerabilities are prioritized by risk to Px, as calcuated in IV.(A), and assigned to the DevOps or SecDevOps team for remediation.
- The CHI2 Data Security Officer, in conjunction with the CHI2 system owner will review one or more of the threat intelligence sources listed in this standard, distill which announced vulnerability-threat combinations are applicable to Px and take the appropriate action based on a risk analysis score created by one or both parties.