The HIMSS Cybersecurity Call to Action includes an appeal to use a cybersecurity framework across the sector. There are several out there to choose from and, as we state in our call, HIMSS recommends the NIST Cybersecurity Framework. In our latest cybersecurity survey, we asked respondents whether or not they used a framework, and if so, which one they used. While we learned that the majority of respondents that do use a framework use NIST, HITRUST and Critical Security Controls, we also learned that about 17 percent of the respondents use no framework at all.
Welcome to Code Red, the HIMSS cybersecurity podcast. In this episode, we wanted to look more deeply into the issue of frameworks how they’re used and implemented; I spoke to Bayardo Alvarez, director of information technology at Boston Pain Care, and Sean Murphy, Vice president and CISO at Premera Blue Cross about their choice and use of frameworks.
As you’ll hear, they’ve made different choices, represent very different organizations, and are at different phases of implementation.
This Episode’s Guest
VP, Chief Information Security Officer
Premera Blue Cross
Director, Information Technology
Boston Paincare Center