Bob Chaput Author Blog
Enabling Board Cyber Risk Oversight
Navigating Cyber Risks in Healthcare: A Critical Wake-Up Call
Navigating Cyber Risks in Healthcare: A Critical Wake-Up Call“Plus ça change, plus c'est la même chose” (“The more things change, the more they stay the same.”)--Jean-Baptiste Alphonse KarrIn our digital age, the healthcare sector remains the most vulnerable to cyber...
From Cyber Guardian to Boardroom Luminary – Top 5 Actions
From Cyber Guardian to Boardroom Luminary - Top 5 Actions“The best time to plant a tree was 20 years ago. The second best time is now.” – Chinese ProverbIn my recent post, From Cyber Guardian to Boardroom Luminary- Yogi Berra, I presented a case for change in how...
From Cyber Guardian to Boardroom Luminary – Yogi Berra
From Cyber Guardian to Boardroom Luminary - Yogi BerraIt's like deja-vu, all over again.—Yogi Berra[1]IntroductionI recently delivered the keynote at an ISC2 Spotlight event focused on Governance, Risk Management, and Compliance (GRC). The title of my talk was From...
Cyber Risk Illiteracy – 4 – ECRM Program vs. Cybersecurity Strategy
Cyber Risk Literacy – 4 – ECRM Program vs. Cybersecurity StrategyBy failing to prepare, you are preparing to fail.—Benjamin Franklin[1]First, in case you didn’t notice, I have changed the series title from “Cyber Risk Illiteracy” to “Cyber Risk Literacy.” After all,...
Cyber Risk Illiteracy – 3 – ECRM? ERM?
Cyber Risk Illiteracy – 3 – ECRM? ERM?A definition is the enclosing a wilderness of idea within a wall of words.—Samuel Butler[1]Oh, man! Do we ever need to enclose the wilderness of enterprise cyber risk management and cybersecurity ideas within a wall of words?!?...
Cyber Risk Illiteracy – 2 – Bald Tire
Cyber Risk Illiteracy - 2 - Bald TireThe illiterate of the future will not be the person who cannot read. It will be the person who does not know how to learn.—Alvin Toffler[i]It’s not too late to learn. Don’t be the person that does not know how to learn.Last week, I...
Cyber Risk Illiteracy – 1 – Stomp Out Risk Illiteracy
Risk Illiteracy -1 - Stomp Out Risk IlliteracyYou can't have people making decisions about the future of the world who are scientifically illiterate. That's a recipe for disaster.—Neil deGrasse Tyson[1] You can't have people making cyber risk management decisions...
ECRM Budget Philosophy
Blog #15 of ~20 in ECRM Framework & Strategy SeriesECRM Budget PhilosophyIf you are starting this ECRM Framework & Strategy Series here, with Blog #15, you may wish to review some previous posts:#1, Introduction - Overseeing the Development of Your ECRM...
ECRM Recordkeeping and Reporting Standards, Policies, and Procedures
Blog #14 of ~20 in ECRM Framework & Strategy SeriesECRM Recordkeeping and Reporting Standards, Policies, and ProceduresIf you are starting this ECRM Framework & Strategy Series here, with Blog #14, you may wish to review some previous posts:#1, Introduction -...
ECRM Third-Party Risk Management Standards, Policies, and Procedures
Blog #13 of ~20 in ECRM Framework & Strategy SeriesECRM Third-Party Risk Management Standards, Policies, and ProceduresIf you are starting this ECRM Framework & Strategy Series here, with Blog #13, you may wish to review some previous posts:#1, Introduction -...