The new release, HITRUST CSF version 11, will "improve mitigations against evolving cyber threats, broaden the coverage of authoritative sources and streamline the journey to higher levels of assurance, according to a prepared statement.
CSF v11 Key Features
CSF v11 highlights HITRUST's commitment to continuous improvement, the organization stated.
Key features of CSF v11 include:
- Enables organizations to perform HITRUST assessments that use cyber threat-adaptive controls for each level of assurance
- Allows organizations to map out the requirements associated with various certifications and speed up the process of earning them
- Offers a single framework that accounts for different risk levels and compliance requirements
- Ensures all HITRUST assessments are subsets (or supersets) of each other, allowing organizations to reuse the work in lower-level HITRUST assessments to share common control requirements and achieve higher assurances
- Integrations across Microsoft Azure, Dynamics 365, Microsoft 365 and Power Platform
- Addition of NIST SP 800-53, Rev 5 and Health Industry Cybersecurity Practices (HICP) standards
- AI-based standards development capabilities that enable HITRUST assurance experts to map and maintain standards in accordance with authoritative sources
CSF v11 will help global organizations "stay relevant with current and emerging threats," HITRUST VP of Standards Andrew Russell said. That way, they can use the framework to conduct security assessments, generate security insights and use them to find the best ways to combat cyberattacks.
A Closer Look at HITRUST's CSF Framework
The CSF framework provides global organizations with a "comprehensive, flexible and efficient approach to regulatory/standards compliance and risk management," according to HITRUST. Organizations can use the framework to secure, monitor and manage their data in compliance with myriad industry requirements.
Organizations in healthcare, financial services and many other industries follow CSF's framework. In addition, HITRUST has partnered with Trend Micro and other technology providers to help organizations adopt the standard to bolster their cyber protection.