FRISCO, Texas, March 4, 2024 /PRNewswire/ — Last week marked a significant milestone in cybersecurity as the National Institute of Standards and Technology (NIST) released version 2.0 of its Cybersecurity Framework. In response, HITRUST, the leader in cybersecurity assurance and risk management, today announced support for NIST 2.0 and unveiled a companion document aimed at the enhanced value of cyber resilience for all industries, including the healthcare sector and other critical infrastructure sectors wishing to effectively utilize and apply the updated framework.
With nearly two decades of practical experience in implementing the NIST Cybersecurity Framework (CSF), including a pivotal role in developing ongoing guidance for the healthcare industry, HITRUST is well-positioned to provide comprehensive support in navigating the complexities of cybersecurity assurance and risk management.
“We continue our commitment to guiding organizations towards cyber resilience,” said Robert Booker, Chief Strategy Officer at HITRUST. “Our companion document offers tailored guidance to healthcare and other industries, and to the broader security community, facilitating a deeper understanding of the framework’s context and specific application.”
The companion document, titled “The HITRUST Approach to Cyber Resilience: Leveraging HITRUST to Implement the NIST Cybersecurity Framework Version 2.0,” not only describes the nuances of NIST 2.0 but also equips organizations with practical insights to select appropriate controls and actions, further fortifying their cybersecurity posture. Moreover, it underscores HITRUST’s dedication to collaborating with customers, industry stakeholders, and regulatory authorities in the public sector to spearhead advancements in cybersecurity assurance and risk management.
“As organizations strive to mitigate evolving cyber threats, our approach provides a clear pathway to enhance cyber resilience,” added Booker. “We empower our nation’s leading companies to proactively address cybersecurity risks, positioning them at the forefront of their cyber journey.”
HITRUST’s approach facilitates seamless implementation of NIST Cybersecurity Framework 2.0, enabling organizations to demonstrate control selection commensurate with identified risks, implementation, maturity, and effectiveness with confidence. This methodology supports organizations across diverse industries and aligns with regulatory requirements such as the HIPAA Security Rule, offering a defensible approach for healthcare entities seeking compliance. This approach is broader than alignment with and guidance for implementation of version 2.0 of the NIST Cybersecurity Framework. The HITRUST approach provides recognized and trusted assurance that relevant controls are properly selected and implemented along with a valuable NIST Cybersecurity Framework scorecard demonstrating coverage across the NIST Cybersecurity Framework.
For organizations seeking to elevate their cybersecurity posture and embrace cyber resilience, HITRUST stands as a trusted partner, committed to delivering practical solutions and unparalleled expertise.
HITRUST support for version 2.0 of the NIST Cybersecurity Framework will be available in the second half of 2024 with publication of an Informative Reference to NIST under the National Online Informative References Program and addition of version 2.0 to version 11.4 of the HITRUST framework. This will support use of NIST CSF version 2.0 as a selectable factor in HITRUST reports and will support NIST CSF version 2.0 for HITRUST r2 Assurance reports at the HITRUST 11.4 level.
To learn more about HITRUST, visit HITRUSTalliance.net.
About HITRUST
Since it was founded in 2007, HITRUST has championed programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain. In collaboration with privacy, information security, and risk management leaders from the public and private sectors, HITRUST develops, maintains, and provides broad access to its widely adopted common risk and compliance management frameworks as well as related assessment and assurance methodologies. For more information, visit www.hitrustalliance.net.
For media inquiries:
Leslie Kesselring
Kesselring Communications for HITRUST
leslie@kesscomm.com
503-358-1012
View original content to download multimedia:https://www.prnewswire.com/news-releases/hitrust-supports-release-of-nist-2-0-and-unveils-companion-guide-to-cyber-resilience-302078071.html
SOURCE HITRUST Services Corp.
