Bob Chaput to Podcast Listeners: Stop Focusing on the "Cyberthreat Du Jour," Start Adopting a Risk Management "Long View"

Home/Compliance and Information Risk Management Blog /Bob Chaput to Podcast Listeners: Stop Focusing on the "Cyberthreat Du Jour," Start Adopting a Risk Management "Long View"


In a podcast published on April 25, 2017, Marianne Kolbasuk McGee, executive editor of Information Security Media Group's interviewed Clearwater CEO, Bob Chaput.


Throughout the podcast, McGee's listeners and vast readership gain Chaput's insight about the steps he suggests healthcare sector entities take to improve their approach to information risk management.


Chaput begins by sharing that cyber threats are constantly evolving, and he warns that a focus solely on the current threats leaves organizations vulnerable to evolving and changing threat sources, threat events, vulnerabilities and controls.


McGee poses questions about the common missteps healthcare organizations make in approaching security risk management, corrective actions that can be taken toward having a more "programmatic" approach to security risk management, and why organizations must look beyond simply complying with HIPAA regulations.


Chaput and McGee also discuss why adopting the NIST Cybersecurity Framework (NIST CSF) is of paramount importance.


Throughout the podcast's range of topics and McGee's questions, Chaput's guiding message to's podcast listeners and readership is clear: "... as you stand up a risk management program, it must transcend today's information assets ... threat sources ... threat events ... vulnerabilities ... controls. All of those key ingredients in an information risk management program, and specifically in doing risk analysis, are constantly changing." Therefore, organizations need to strike a balance in dealing with today's issues and building a program with a long view.


Listen to's podcast, "Why Focusing Too Much on Today's Cyber Threats Is a Bad Idea" featuring subject matter expert and Clearwater CEO, Bob Chaput, CISSP, HCISPP, CRISC, CIPP/US.

By Clearwater | April 27, 2017 | Blog, Uncategorized | 0 Comments

About the Author: Clearwater


Clearwater helps healthcare organizations ensure patient safety and improve the quality of care by safeguarding the confidentiality, integrity and availability of protected health information (PHI). We have assisted more than 400 customers to operationalize and mature their information privacy, security, compliance and information risk management programs. And in the process, we are raising the bar for safeguarding PHI, protecting millions of Americans and driving real value for the organizations we support and the healthcare industry at large.

Subscribe for News