Cyber security risk management: what should we be talking about?

November 27, 2016 by ahmed


Originally posted on Blogrige by Dawn Marie Bailey

Disruption, destruction, or threats to the delivery of an organization’s essential services, no matter what industry it is in, can be mitigated by chief information officers who follow six steps, some of which are in complete alignment with the Baldrige Excellence Framework, according to a cyber security expert.

In a recent blog, “CEOs: Interviewing CIOs? Six Things to Listen for Regarding Cyber Security Risk Management,” Todd McQueston, head of global product marketing and business development for Wolters Kluwer Health, compiled what C-suite leaders should be talking about, based on an interview with Bob Merkle, a cyber security risk management consultant. The six things to listen for include long-term systems thinking and a strong quality control system.

McQueston also highlights the recent NIST announcement regarding the Baldrige Cybersecurity Initiative, which has been publicly endorsed by, among others, U.S. Chief Information Officer Tony Scott, who is helping to lead the President’s Cybersecurity National Action Plan. (The Baldrige Program is currently seeking feedback on the Baldrige Cybersecurity Excellence Builder, a self-assessment tool integrating Baldrige concepts and the NIST Cybersecurity Framework.) The Baldrige Cybersecurity Excellence Builder is intended to enable organizations to better understand the effectiveness of their cybersecurity efforts and identify opportunities for improvement.

To read McQueston’s complete blog, please go to https://www.linkedin.com/pulse/ceos-interviewing-cios-six-things-listen-regarding-cyber-mcqueston.
