Bob Chaput’s Stop the Cyber Bleeding is a needed call to action. It is a thoughtful explication of the risks inherent in our new digital world. Unlike most such narratives, it also offers a practical approach to manage and mitigate those risks.
—Mark Reynolds, President and CEO, Risk Management Foundation of the Harvard Medical Institutions Incorporated (CRICO)
In Kindle, Hardcopy, and Audible versions
PRAISE FOR STOP THE CYBER BLEEDING
—Ralph W. Davis, serial healthcare board member/advisor | Operating Partner, The Vistria Group
“Cybersecurity” is the kryptonite of too many healthcare company board meetings. Otherwise intelligent and accomplished people can be intellectually paralyzed by the mere mention of the term. Yet, failure to appreciate cybersecurity risk and ensure appropriate resource allocation too often leads to an even more painful experience: the post-breach emergency meeting. In Stop the Cyber Bleeding, Bob Chaput clearly and concisely arms executives and board members with what they need to know and the questions they need to ask to exercise effective oversight in this critical area. Whether your goal is to build a best-in-class Enterprise Cyber Risk Management (ECRM) program or, more modestly, simply to keep your company out of the hacker’s crosshairs and off the front pages of the newspaper, Stop the Cyber Bleeding is a “must read” now.
—Benoit Desjardins, MD, PhD, FAHA, FACR, CISSP | Associate Professor, Department of Radiology, Penn Medicine
In his excellent, practical, and timely book, Bob Chaput addresses multiple aspects of ECRM. He first describes the unique challenges of ECRM in today’s healthcare environment, given the current cyber risks and regulations. He then offers a well-rounded plan of action on how C-suite executives can provide leadership and oversight for their organization’s ECRM efforts. This plan of action is tailored to their specific cyber risks, based on the NIST framework, and includes how to establish an ECRM program and fund it. He finally provides several concrete examples of the benefits of establishing an ECRM program. This book is an extremely valuable guide and should be in the library of every healthcare institution C-suite executive, board member, and IT leader.
—Gregory J. Ehardt, JD, LL.M. | Vice President, Compliance and Privacy, CHRISTUS Health
I know from firsthand experience that the concepts, principles, and actions presented in Stop the Cyber Bleeding work to engage and inspire top leaders and board members alike to seriously take up the matter of cyber risk management as an enterprise issue. It’s terrific to see Bob codify his practical risk management skills, knowledge, and experience into a book that’s easy to read and use. His insightful treatment of the transformation required as a behavior-change matter is incredibly relevant for healthcare organizations. Given the increasing cyber liabilities facing healthcare organizations and their C-suite executives and board members alike, Stop the Cyber Bleeding is a must-read today.
—Iliana Peters, JD, LLM, CISSP | Shareholder, Polsinelli PC, Former Acting Deputy Director HHS Office for Civil Rights
In this book, Bob Chaput provides an excellent summary of the major issues facing healthcare entities with regard to cyber risk management and related security compliance. Bob includes helpful talking points to involve all members of a healthcare organization’s workforce in conversations about cybersecurity, including, importantly, the C-suite and board.
—James Furstenberg, Ph.D., CISSP, C|EH, GMON, C|ND, C|PTE, CNA, CLFE, ACE, C|SCU | Assistant Professor, Information Security and Intelligence, Ferris State University
Chaput hits it out of the park with his book Stop the Cyber Bleeding. Bob’s decades of risk management experience detailed in this book offer a must-read tutorial for every industry executive. Bob conveys lessons learned from the trenches while delivering street-smart, pragmatic, and tangible strategies toward unraveling the complexities of Enterprise Cyber Risk Management. More importantly, Bob provides evidence for what we cybersecurity professionals have been stating for years: Cyber risk management is not a department within IT—it is an enterprise issue that demands a seat (and a strategy) at the boardroom table!
—Fernando Martinez, Ph.D., CHCIO, CISSP, CISA, CISM, CGEIT | Chief Strategy Officer THA, President and CEO THA Foundation, Texas Hospital Association
The case for ECRM is decisively made; timely and relevant. Successful cyber exploits frequently capitalize on the failure of organizations to focus on, and address, fundamentals. This book is an instruction manual on how to get all of the fundamentals sustainably right. Clear and straightforward guidance for senior executives and board members alike. Ending each section with not only suggested questions to ask, but why and how to ask them is pure genius. Through realistic scenarios and firsthand experiences, Bob takes the reader on a sobering trip across the healthcare landscape. This is a must-read for executives who influence cyber risk and cybersecurity governance.
