Improving Enterprise Cyber Risk ManagementBob Chaput, Founder of Clearwater, Discusses Key Steps
What are the critical components of a strong enterprise cyber risk management program for healthcare entities? Bob Chaput, founder of security and privacy consulting firm Clearwater, outlines key factors in an interview about his new book on the topic.
It's important that entities take a "more strategic, business-oriented and architectural approach" to their cyber risk management programs, rather than "a tactical, technical, reactionary" approach, says Chaput, author of "Stop the Cyber Bleeding: What Healthcare Executives and Board Members Must Know About Enterprise Cyber Risk Management".
"This is really a business risk management issue ... not an IT problem," Chaput says.
Healthcare organizations must align their enterprise cyber risk management programs with their "unique vision and mission" including the services they offered to patients, he says.
In this interview with Information Security Media Group (see audio link below photo), Chaput also discusses:
- Other common mistakes healthcare entities make in crafting and deploying enterprise cyber risk management programs;
- How these mistakes can potentially pose patient safety risks;
- Top healthcare sector cybersecurity concerns during the COVID-19 pandemic.
Chaput is the founder and executive chairman of healthcare security and privacy risk management consulting firm Clearwater. He has nearly 40 years of experience in the field, and is a contributing author of two other books on healthcare risk management and compliance.