The HITRUST Threat Catalogue Provides Visibility Into Areas Representing The Greatest Risk Exposure

The HITRUST Threat Catalogue is designed to aid organizations in improving their information security posture by better aligning cyber threats with HITRUST CSF control requirements. The HITRUST Threat Catalogue provides greater visibility into areas representing the greatest risk exposure and enhances the underlying risk analysis used to develop the HITRUST CSF.

The explicit alignment of threats to the HITRUST CSF produces a combination not found in other frameworks. It simplifies the risk analysis process for organizations and reduces some of the burden, costs, and confusion otherwise experienced when attempting to achieve this level of analysis. Identifying threats is a major component of a comprehensive risk analysis process for any organization seeking to protect their sensitive data and helps determine what adverse events are relevant to the organization and must be controlled.

HITRUST Threat Catalogue Includes Updated Ransomware Guidance

The increased frequency of ransomware attacks requires organizations of all types and sizes to re-examine their controls around data backup and restoration and ensure they could successfully recover their data if such an attack occurred. Using new guidelines from the Cybersecurity and Infrastructure Security Agency (CISA) and other reputable industry sources, the newest version of the HITRUST Threat Catalogue updates the list of HITRUST CSF controls to help better address the types of ransomware attacks organizations currently experience. In addition to identifying controls around secure data backup and recovery, the Catalogue also provides mappings to incident response, decision-support, and other risk mitigation controls.

To Learn More About the HITRUST Threat Catalogue, Review Frequently Asked Questions (FAQs).