Bob Chaput Author Blog
Enabling Board Cyber Risk Oversight
Getting Started with the Development of Your ECRM Framework and Strategy
Blog #2 of ~15 in ECRM Framework & Strategy SeriesGetting Started with the Development of Your ECRM Framework and StrategyIn this and upcoming posts in this ECRM Framework & Strategy Series, I will cover one or more aspects of developing your ECRM Framework...
Introduction – Overseeing the Development of Your ECRM Framework and Strategy
Blog #1 of ~15 in ECRM Framework & Strategy SeriesPosts in this series:#1, Introduction - Overseeing the Development of Your ECRM Framework and Strategy#2, Getting Started with the Development of Your ECRM Framework and Strategy#3, Setting ECRM Guiding Principles,...
Board Members – Stop Wasting Investors’ Money on Cybersecurity!
Board Members – Stop Wasting Investors' Money on Cybersecurity!IntroductionPick your favorite business publication, magazine, research resource, top consultancy, or local butcher or baker. The data, systems, and devices that create, receive, maintain, or transmit...
The Board, M&A, and Cyber Risk Management
Introduction I cited an MIT Sloan Executive Education in a recent blog post, Getting Started with Enterprise Cyber Risk Management (ECRM) | Overseeing the Development of Your ECRM Framework and Strategy, “Cyber risk is so significant that a responsible board can no...
Getting Started with Enterprise Cyber Risk Management (ECRM) | Overseeing the Development of Your ECRM Framework and Strategy
Board members, C-suite executives, and staff, here’s an excellent New Year’s Resolution – Act now! Resuscitate your enterprise cyber risk management program (ECRM)! IntroductionAs if you haven’t heard the admonition enough, a recent interview in an MIT Sloan Executive...
Voltaire and Cyber Risk Management
Voltaire and Cyber Risk ManagementRecent conversations with Fortune 500 CISOs, CIOs, C-suite executives, and board members remind me of the importance of words and their definitions. Perhaps it’s the relative immaturity of the field of cyber risk management and,...
Privacy, Cybersecurity, ESG – Inextricably Linked
Privacy, Cybersecurity, ESG - Inextricably LinkedIntroduction In my Blog Series, SEC “Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure” Proposed Rule Changes, I covered the proposed changes in the SEC rulemaking. That blog series aims at...
Should Not-for-Profit and Private Companies Care about Proposed SEC Cyber Disclosure Requirements?
Blog #6 – Epilogue to SEC Cyber Series Should Not-for-Profit and Private Companies Care about Proposed SEC Cyber Disclosure Requirements? Introduction In my Blog Series, SEC “Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure” Proposed Rule...
Disclosure Regarding the Board of Directors’ Cybersecurity Expertise
Blog #5 of 5 in SEC Cyber SeriesDisclosure Regarding the Board of Directors’ Cybersecurity Expertise [1]Introduction In the first post in this series Overview of the SEC “Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure” Proposed Rule...
Disclosure of a Registrant’s Risk Management, Strategy, and Governance Regarding Cybersecurity Risks
Blog #4 of 5 in SEC Cyber SeriesDisclosure of a Registrant’s Risk Management, Strategy, and Governance Regarding Cybersecurity Risks[1]Introduction In the first post in this series Overview of the SEC “Cybersecurity Risk Management, Strategy, Governance, and Incident...