We are seeking participants to join other leading healthcare organizations in this landmark initiative to strengthen cybersecurity across the industry.

Censinet, KLAS Research, and American Hospital Association are conducting a study intended to understand and establish collaborative healthcare operational and cybersecurity benchmarks. This study will establish a way to measure and compare your organization to peer organizations through anonymized, aggregated datasets.


Exclusive Benefits for First 100 Study Participants.

Participation in this study demonstrates your thought leadership and dedication to elevating not only your own organization’s cybersecurity posture, but the cyber strength of the overall healthcare industry. Participation in this study entitles you to the following benefits:

  • Full, free access to Censinet NIST and HICP benchmarking modules and data during the study and post-study until Mar 31, 2023
  • Guidance and Action Plans for targeted security investment and performance improvement
  • Peer Benchmarking at detailed, NIST CSF Subcategory level for targeted investment and resource allocation

Stronger Together, We Can Make Healthcare Safer.

To participate, please contact us today!


The Healthcare Cybersecurity Benchmarking Study is Provided in Partnership with the Following Sponsors:


Value of Peer Benchmarking

Leading healthcare CIOs, CISOs, and IT/Security leaders seek to continuously strengthen their overall cybersecurity performance across the enterprise. Benchmarks provide the ability to see how your cybersecurity investments and program performance compare to peer organizations by size and to the broader provider community – enabling more informed, data-driven decision making. 

Prioritize Cybersecurity Investments – See how your organization’s cybersecurity program investments, including people, resources, and tools, compare to peers at any given point in time. Identify where your organization leads or lags peers across critical pillars of cybersecurity and use benchmarking results to help identify gaps, prioritize program investment decisions, and justify capital commitments from the Board. 

Elevate Cybersecurity Performance – Compare the performance and effectiveness of your organization’s cybersecurity program to peers based on industry recognized security practices such as NIST CSF 1.1 and HHS 405(d) Health Industry Cybersecurity Practices (HICP). Drill down into all of the NIST CSF Functions and Categories as well as the ten HICP Practice Areas to identify gaps and relative coverage.


Censinet Peer Benchmarking

Our approach establishes a way for healthcare systems to collaboratively establish and maintain benchmarks as a natural artifact of performing their standard cybersecurity best practice self-assessments. We provide detailed, robust apples-to-apples peer benchmarking across the following three modules:

Organizational Benchmarks

Compare your organization’s operational metrics to your peers, including:

  • % Cyber Expense to Revenue
  • % IT Expense to Revenue
  • % Program & FTE Ownership
  • Employee to Cyber FTE Ratio
  • Cost to Protect each FTE & Patient
  • Cyber Insurance Premium Increase

Cybersecurity Benchmarking


NIST CSF 1.1 Benchmarks

Assess your organization using NIST CSF 1.1, including built-in evidence capture, automated action plan generation to increase compliance, healthcare specific views, and Board-level reporting. Compare your security program against peers across NIST CSF 1.1 Functions and Categories.


HICP Benchmarks

Assess your organization using Health Industry Cybersecurity Practices (HICP), including built-in evidence. Built-in evidence capture, automated action plan generation to increase coverage, and Board-level reporting. Compare your cyber risk posture to your peers across the 10 HICP Practice Areas.