"New Version of HITRUST CSF Helps Healthcare Tackle Emerging Cybersecurity Threats"
HITRUST will release version 11 of its Cybersecurity Framework (CSF) in January with new and enhanced features for dealing with growing cybersecurity threats and minimizing certification efforts. HITRUST can help healthcare organizations bolster their security postures and manage third-party risk. The HITRUST CSF is a risk- and compliance-based framework seeking to provide structure and advice across several data privacy and security regulations and standards, thereby reducing enterprise burden and complexity. In particular, CSF version 11 will provide enhanced control mappings and precision to cut certification efforts by 45 percent. In addition, the new version allows the complete HITRUST assessment portfolio to use cyber threat-adaptive controls suitable for each level of assurance. The next version will include more authoritative sources, such as the National Institute of Standards and Technology (NIST) SP 800-53, Rev 5, and the Health Industry Cybersecurity Practices (HICP) standards. HITRUST also created Artificial Intelligence (AI)-based standards development tools to help its assurance experts map and maintain authoritative sources. This AI-based toolbox will save maintenance and mapping efforts by up to 70 percent, according to HITRUST. CSF version 11 enables a single framework within the HITRUST CSF to provide an approach that covers broad assurance needs for various risk levels and compliance requirements with greater assurance reliability than alternative assessment options. This article continues to discuss the new version of the HITRUST CSF that will help healthcare organizations combat cybersecurity threats.