By identifying and mapping threats to HITRUST CSF controls based on their specifications, HITRUST will have additional visibility into how the controls mitigate associated risk. This will help ensure the risks associated with specific threats are addressed appropriately, including any increased risk due to an organization’s specific risk factors. For example, organizations that are large, complex or aggregate large amounts of information generally present more risk, e.g., due to a larger attack surface or increased threat actor motivation, would generally require more robust controls.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment