The recent HHS guidance on cybersecurity highlights the most relevant threats to the healthcare industry and offers measures to mitigate those threats. It comes at an important time for the industry and fills a critical gap where there has been a dearth of written standard practices. We analyze the guidance and discuss with experts in healthcare and cybersecurity law how organizations of all sizes and industries can use it to elevate their cyber readiness. See also “Is Encryption Obligatory? HHS Upholds Texas Hospital $4.3M HIPAA Fine” (Jul. 11, 2018).