
September 15, 2022
Q2 2022 i1 Assessment Update: Control Requirements Analysis
By Brent Zelinski, Standards Senior Manager, HITRUST Q2 2022 Threat-Adaptive Evaluation for the HITRUST Implemented, 1-Year (i1) Validated Assessment Trending Highlights: Internal Spearphishing (T1534)...

June 23, 2022
On the Horizon: Upcoming Cyber Incident Reporting for Critical Infrastructure Act Introduces New Compliance Requirements
Complying with the Cyber Incident Reporting for Critical Infrastructure Act — which was passed into law in March of 2022 — may present new...

May 19, 2022
i1 Assessment Control Requirements Continue to Meet the Latest Cyberthreats
By Andrew Russell, Vice President of Standards, HITRUST Q1 2022 Threat-Adaptive Analysis: HITRUST Implemented, 1-Year (i1) Validated Assessment The HITRUST i1 Assessment + Certification...

August 20, 2021
HITRUST Continues to Innovate to Meet Upcoming CMMC Requirements
CMMC Overview The Cybersecurity Maturity Model Certification (CMMC) is a maturity model framework and an acquisition policy initiative launched by the Department of Defense...

June 15, 2021
Managing the Risk of a Ransomware Attack
What Is a Ransomware Attack? The Cybersecurity and Infrastructure Security Agency (CISA) defines ransomware as “a form of malware designed to encrypt files on...

April 21, 2017
HITRUST CyberAid – How It Works
Written by HITRUST Independent Security Journalist Sean Martin. Since HITRUST and Trend Micro first started delivering (and writing about) the HITRUST CyberAid initiative back...

October 12, 2017
Look! Nothing up My Sleeve! Introducing the HITRUST CTX Deceptive Program
Written by HITRUST Independent Security Journalist Sean Martin. Back in 2015, Gartner’s Lawrence Pingree projected that, by 2018, 10% of enterprises will use deception...

November 29, 2017
Learning from the Equifax Breach: Lessons for Healthcare Leadership
A Tipping Point in Cybersecurity Written by Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), CCSFP, Member (FBI) InfraGard & HITRUST CSF Assessor Council. Executive Summary...

December 13, 2017
Better Healthcare to be Driven by Standardization of Cyber Risk Management at the State Level
Written by HITRUST Independent Security Journalist Sean Martin. Earlier this year, the New York eHealth Collaborative (NYeC), in conjunction with the New York State Department of...

July 21, 2017
Managing the Costs of Cybersecurity Insurance by Measuring and Managing Risk with a Standards Framework
By Pamela Arora, Senior Vice President and Chief Information Officer for Children’s Health Cybersecurity insurance should not be a substitute for having effective cybersecurity...

August 4, 2017
WannaCry Post Mortem: Early Warning Indicators and Lessons Learned for the Healthcare Industry
Written by HITRUST Independent Security Journalist Sean Martin. As the saying goes, “those who don’t learn from history are doomed to repeat it.” Some...

September 22, 2017
Asymmetric Attacks Mandate Credible Cybersecurity Framework
Written by Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), CCSFP is a Member of (FBI) InfraGard & HITRUST CSF Assessor Council. A single system or...