Censinet Delivers New Product Support for NIST CSF 2.0 and HHS Cybersecurity Performance Goals

BOSTON, MA – MARCH 28, 2024 – Censinet, the leading provider of healthcare risk management solutions, today announced delivery of NIST Cybersecurity Framework 2.0 enterprise assessments; in addition, today’s release includes support for compliance with the recently announced HHS Healthcare and Public Health Sector Cybersecurity Performance Goals (HPH CPGs). Delivered as part of Censinet RiskOps^TM, NIST CSF 2.0 enterprise assessments and the HPH CPG Dashboard align cybersecurity programs with the latest, up-to-date recognized security practices and industry standards to further enhance healthcare organizations’ ability to manage cyber risk in a rapidly evolving threat landscape and regulatory environment.

“These new Censinet RiskOps^TM enterprise risk capabilities help healthcare organizations confront today’s modern threat environment and assess, manage, and mitigate cyber risks such as ransomware that threaten patient safety care operations,” said Ed Gaudet, CEO and Founder of Censinet. “NIST CSF 2.0 assessments and the HPH CPG Dashboard help healthcare organizations align with the latest regulations, best practices, and industry standards, and support our customers’ ability to assess and maintain compliance with pending HHS cybersecurity regulatory requirements.” 

NIST CSF 2.0 Enterprise Assessments

NIST CSF 2.0 enterprise assessments contain all the standard Censinet RiskOps assessment features and functionality, including:

• Enterprise self-assessment for all NIST CSF 2.0 Functions, Categories, and Subcategories including the new “Govern” Function with expanded emphasis on supply chain risk management and overall cybersecurity strategy and governance
• Automated Action Plans to identify and close gaps in NIST CSF 2.0 recommendations, controls, policies, and procedures
• Assignment of Action Plan findings to internal stakeholders and subject matter experts with in-platform status tracking, activity logs, and review
• NIST CSF 2.0 Dashboard to track enterprise coverage and Board reporting 

Censinet customers with the NIST enterprise risk module can still access, update, and maintain their current NIST CSF 1.1 enterprise assessment – and use for peer comparison in the Benchmarking Study – and are able to migrate to a NIST CSF 2.0 enterprise assessment in Censinet RiskOps at their own pace as the organization's cybersecurity maturity evolves.

HPH CPG Dashboard

The HPH CPG Dashboard enables healthcare organizations to track and maintain compliance for the recently announced HHS Healthcare and Public Health Sector Cybersecurity Performance Goals (HPH CPGs). Both HHS and The White House have proposed that the HPH CPGs form the basis for a set of mandatory minimum cybersecurity standards for covered entities and business associates.  

The HPH CPG Dashboard includes the following features and functionality to help healthcare organizations track, maintain, and improve HPH CPG compliance: 

• Automatic mapping of enterprise assessments for NIST CSF 1.1 and HICP to the HPH CPGs to show current coverage across all 10 Essential and 10 Enhanced CPGs
• Benchmarking for HPH CPGs to compare organizational coverage to industry peers, identify and prioritize gaps in coverage, and help justify cybersecurity investment 
• Actionable guidance based on completed NIST CSF 1.1 and HICP enterprise assessments to close gaps in current HPH CPG coverage and improve compliance
• Annual and quarterly trending for HPH CPG coverage to demonstrate progress and identify critical areas for improvement

In addition, the HPH CPG Dashboard contains intuitive, non-technical graphics that cybersecurity leaders can use for reporting to demonstrate compliance to the Board, regulators, and/or auditors. 

To learn more about NIST CSF 2.0 enterprise assessments, the HPH CPG Dashboard, and how Censinet can help your organization assess, manage, and maintain HPH CPG compliance, please email info@censinet.com.

‍

About Censinet

Censinet®, based in Boston, MA, takes the risk out of healthcare with Censinet RiskOps, the industry’s first and only cloud-based risk exchange of healthcare organizations working together to manage and mitigate cyber risk. Purpose-built for healthcare, Censinet RiskOps^TM delivers total automation across all third party and enterprise risk management workflows and best practices. Censinet transforms cyber risk management by leveraging network scale and efficiencies, providing actionable insight, and improving overall operational effectiveness while eliminating risks to patient safety, data, and care delivery. Censinet is an American Hospital Association (AHA) Preferred Cybersecurity Provider. Find out more about Censinet and its RiskOps platform at censinet.com.