The HITRUST Cyber Threat XChange (CTX) is sharing bi-directional indicators with the Department of Homeland Security. HITRUST's Cyber Lab, in partnership with Trend Micro, identified malicious indicators of compromise several weeks in advance of the WannaCry outbreak. CTX members were able to automatically receive indicators, update defenses and stop the WannaCry threats before systems were compromised. This program has helped U.S. healthcare organizations become leaders in sharing threat indicators of malicious threats from many attack vectors. This session explores how sharing IOCs has helped healthcare providers protect the valuable data, PHI and medical systems sought after by cybercriminals and targeted attacks.