CIS Controls Successfully Mapped to Healthcare and Public Health Sector-Specific Cybersecurity Performance Goals
CIS Critical Security Controls v8.1 now integrated with HPH CPGs to boost cybersecurity
EAST GREENBUSH, N.Y., Sep. 3, 2024 – The Center for Internet Security, Inc. (CIS®) is pleased to announce the successful mapping of CIS Critical Security Controls® (CIS Controls®) v8.1 to the U.S. Department of Health and Human Services' Healthcare and Public Health (HHS HPH) cybersecurity performance goals (CPGs).
In an era where cyber threats are escalating, the need for robust cybersecurity measures is more critical than ever, particularly in sensitive sectors such as healthcare. This mapping is a significant step forward in enhancing the protection of healthcare organizations across the United States.
The CIS Controls are a prescriptive, prioritized, and simplified set of best practices that organizations can use to strengthen their cybersecurity posture. They encompass a spectrum of tasks such as inventory and control of hardware and software assets, continuous vulnerability management, controlled use of administrative privileges, and incident response planning. By implementing the CIS Controls, organizations can significantly reduce their risk of cyber attacks, safeguarding their data, systems, and network infrastructure.
The HPH CPGs serve as a critical roadmap for creating a resilient healthcare system and maintaining crucial healthcare services across the public health environment. The goals focus on reducing vulnerabilities, strengthening systems against attacks, and ensuring swift recovery if compromised.
"The compatibility between CIS Controls v8.1 and the HPH CPGs delivers an invaluable cybersecurity resource tailored for the healthcare industry," said Curtis Dukes, CIS Executive Vice President and General Manager, Security Best Practices. "It offers organizations in this sector a clear pathway toward increased efficiency in managing security risks while optimizing their efforts on ensuring patient safety through data integrity."
The mapping of these two industry-leading resources creates an integrated framework where both sets of controls complement each other. It ensures that health care organizations using the CPGs can bridge any gaps in their security defenses by consulting the corresponding CIS Controls.
Download the mapping here.
Want to see how the CIS Critical Security Controls fit into your broader security program? Use our CIS Controls Navigator to explore how they map to other security standards.
For more information on the CIS Controls v8.1 mapping to HPH CPGs, please contact CIS Sr. Media Relations Manager Kelly Wyland at [email protected] or 518-256-6978.