HITRUST CSF
Control Threat Analysis

Cyber Threat Adaptive Update

HITRUST uses a comprehensive and continuous process to identify threats, align mitigations that counter ongoing and new threats, and position the organization to respond effectively. The HITRUST CSF is regularly reviewed and updated as necessary to respond to the constantly shifting threat landscape through this process.

Read the Latest Analysis
CTA report 2025 cover

Static security programs can't keep up.

HITRUST's Cyber Threat Adaptive program can.

Cyber threats evolve rapidly, static or slow-moving security frameworks and programs built around higher-level security objectives struggle to remain effective. Attackers move faster than ever, exploiting gaps and weaknesses before organizations can react. The result? Security controls that look good on paper but fail to respond a changing threat landscape. 

At HITRUST, we’ve tackled this challenge head-on with our Cyber Threat Adaptive (CTA) program. This innovative solution stress-tests the HITRUST framework with real-world threat intelligence, ensuring our controls remain highly relevant and effective against emerging risks and support the organization’s ongoing compliance obligations.

Our report details findings covering the period from 01/01/2025 to 6/30/2025. Our research confirms that our i1, e1, and r2 requirement selections are responsive to the current threat landscape. During this period, we analyzed 435 real-world breaches, approximately 220,000 indicators across nearly 4,100 threat articles resulting in approximately 41,000 mappings to MITRE ATT&CK techniques and mitigations. Looking at the most common techniques identified, the HITRUST e1, i1, and r2 assessments have a high degree of coverage against techniques that were most prevalent in the first half of this year.

Q12025 HITRUST Threat Landscape Analysis

How it Works

Unlike static frameworks that risk becoming outdated, HITRUST uses CTA to perform regular, in-depth analyses of real-world threat intelligence, breach data, and attack techniques (such as those cataloged in the MITRE ATT&CK framework). This diagram illustrates how we orchestrate our Cyber Threat Adaptive process and use it to progressively update the HITRUST CSF.
Ultimately, the output informs HITRUST on which requirements will be included as part of our e1 and i1 requirement selections.

HITRUST CSF Control Threat Analysis

View CSF Control Threat Analysis Reports, offering detailed insights into the evolving threat landscape and the rationale behind control requirements. These reports help organizations understand how emerging risks, industry trends, and threat intelligence shape the HITRUST CSF framework—supporting stronger, risk-based security and compliance strategies.

Ready to take your information security program to the next level?

Get Started with HITRUST

The Only Certification Proven to Work

With a 99.41% breach-free rate among HITRUST-certified environments, HITRUST stands alone in cybersecurity assurance. From third-party risk to internal controls, trust the solution that reduces risk — and proves it.

Get Started
Chat

Chat Now

This is where you can start a live chat with a member of our team