ABOUT THE BOOK
Stop the Cyber Bleeding is based on what Bob Chaput has learned throughout his more than 35-year career, which includes serving as an executive in global healthcare organizations such as GE, Johnson & Johnson, and Healthways. Over time, he has discovered significant deficiencies in how healthcare organizations are approaching compliance and cyber risk management.
The single biggest deficiency Bob has observed is the failure of organizations to invest in cybersecurity based on their unique risks. He strongly believes that you must start with your unique vision, mission, strategy, values, and services, examine all your unique data, devices, and systems that support your unique business, and then identify all your unique cyber exposures across your entire enterprise. This failure to identify your unique risks usually leads to a one-size-fits-all, checklist-based approach to cybersecurity. The upshot is overspending to treat perceived risks and underspending on your real risks. Identifying your unique risks is achieved by conducting a comprehensive, enterprise-wide OCR-Quality® Risk Analysis.
This book, therefore, is a business book about Enterprise Cyber Risk Management (ECRM), because ECRM is a business matter. Creating an ECRM program requires the leadership of the C-suite executives and the oversight of the board. ECRM is not an “IT problem”; furthermore, handled properly, it can become a business enabler.
To leverage ECRM successfully as a business enabler, the C-suite and board must engage. Yet many are uncertain how to do so. This book shares what Bob has learned and provides tangible, actionable guidance and recommendations on how to establish, implement, and mature a formal ECRM program.
MA, CISSP, HCISPP, CRISC, CIPP/US, C|EH, NACD CERT Cyber Risk Oversight Certificate
Founder and Executive Chairman, Clearwater
Listen to Bob Chaput talk to HIMSS TV about "Building a Cyber Risk Management Program."