HITRUST poised to issue 'matrix' on security of cloud services and defining responsibilities

A leading industry group on certifying cybersecurity practices, HITRUST, will be issuing a “matrix” to help in selecting and ensuring the security of cloud service providers, a move the group says would offer a first-of-its-kind industry wide approach for defining shared responsibilities between customers and vendors.

“What was lacking was an industry accepted model that can be used by any cloud service for any cloud service model, for any type of control,” said Becky Swain, director of standards development for...