Bob Chaput Author Blog
Enabling Board Cyber Risk Oversight
Navigating SEC Cybersecurity Regulations: A Strategic Imperative for Enterprises
If you have ten thousand regulations, you destroy all respect for the law. —Winston Churchill Introduction Regulatory compliance has become a cornerstone of enterprise risk management in the ever-evolving cybersecurity landscape. Chapter 2 of my book, Enterprise Cyber...
Tackling Healthcare’s Top Challenges with Enterprise Cyber Risk Management (ECRM)
Cybercrime is the greatest threat to every company in the world. —Ginni Rometty, former CEO, IBM Introduction The healthcare industry faces unprecedented challenges, from shrinking profit margins and rising costs to regulatory complexities and the threat of new market...
Enterprise Cyber Risk Management: From Cost Center to Value Creator
Once you replace negative thoughts with positive ones, you'll start having positive results. —Willie Nelson Introduction In an era where digital transformation drives business growth, cybersecurity must transcend its traditional role as a defensive measure. Chapter 1 of...
The Crucial Role of Governance and Oversight in Cybersecurity: Regulations, Cases, and Standards
Corporate governance is concerned with holding the balance between economic and social goals and between individual and communal goals. The aim is to align as nearly as possible with the interests of individuals, corporations, and society. —Adrian Cadbury Introduction...
Accountability for Cyber Risk Management: A Critical Imperative for C-Suite Executives and Board Members
It is wrong and immoral to seek to escape the consequences of one’s acts. —Mahatma Gandhi Introduction According to the Merriam-Webster dictionary, “accountability” is “the quality or state of being accountable, especially an obligation or willingness to accept...
A Wake-Up Call for Healthcare Executives and Board Members
First, do no harm. —Hippocrates Introduction Cybersecurity has become an essential aspect of modern healthcare, not just a concern for the IT department. Chapter 1 of Stop the Cyber Bleeding: What Healthcare Executives and Board Members Must Know About Enterprise Cyber...
From Cyber Guardian to Boardroom Luminary – A Personal Story About CIO Evolution Parallels, with Career Advice
It’s like deja-vu all over again. —Yogi Berra Introduction I’ve discussed the CISO role evolving “From Cyber Guardian to Boardroom Luminary” in two previous articles. One was entitled “From Cyber Guardian to Boardroom Luminary—Yogi Berra,” and it refers to the quote...
Thinking Clearly About Risk Assessments
If I had an hour to solve a problem and my life depended on the solution, I would spend the first 55 minutes determining the proper question to ask. – Albert Einstein Introduction There are few Einsteins out there for solving the problem of establishing, implementing,...
Healthcare Privacy and Security Spending Thought Experiment!
Introduction In a recent post entitled Heads Up! Massive Increase in Proposed FY2025 OCR Budget: Focus on HIPAA Enforcement and Risk Management, as in the title, I wrote about the "whopping" proposed increase...
Heads Up! Massive Increase in Proposed FY2025 OCR Budget: Focus on HIPAA Enforcement and Risk Management
Introduction The proposed Fiscal Year 2025 (FY2025) budget for the Office for Civil Rights (OCR) under the U.S. Department of Health and Human Services (HHS)...










