At the RSA Conference, Health-ISAC, Verizon, Microsoft, and more than 30 other organizations signed a cyber risk management pledge to combat ransomware and other cyber threats.
#CRMPledge
By Jill McKeon. Read full article at HealthIT Security here:
– At the RSA Conference on Wednesday, cybersecurity experts announced that 37 companies and organizations from eight countries signed a cyber risk management pledge, promising to bolster cyber resiliency and tackle today’s most critical cyber threats.
In partnership with the Coalition to Reduce Cyber Risk (CR2), organizations including Health-ISAC, Microsoft, Verizon, AWS, AT&T, Cisco, Mastercard, the
US Chamber of Commerce, JP Morgan Chase, and the CyberPeace Institute vowed to counter cyber threats and adopt internationally accepted cybersecurity frameworks.
“The signatories to this pledge understand that in order to enhance cyber resiliency and counter evolving cross-border cyber threats such as the growth of ransomware, we must enable the seamless implementation of risk-based approaches to cybersecurity around the world,” the pledge stated.
“Internationally recognized cybersecurity frameworks and standards that are based upon the principles of risk management and relevant across sectors support such implementation by strengthening consistency and continuity among interconnected sectors and throughout global supply chains.”
The pledge contained the following specific actions that the 37 organizations agreed upon:
– Encourage the development, evolution and implementation of risk-based approaches based on consensus-based frameworks, standards and risk management best practices, such as ISO/IEC 27110 and 27103, or the NIST Cybersecurity Framework
– Support efforts of our vendors and supply chain contributors to adopt risk-based cybersecurity approaches in order to help small businesses flourish while improving the resiliency of the cyber ecosystem
– Incorporate ISO/IEC 27110 and 27103, the NIST Cybersecurity Framework, or other widely accepted international cybersecurity standards as a foundation of our cybersecurity policies and controls wherever applicable and feasible
– Periodically reassess our cybersecurity policies and controls against revisions to such cybersecurity standards and actively participate in industry-driven initiatives to improve those standards.
The health sector is highly interconnected and reliant on other critical infrastructures to deliver patient care,” Errol Weiss, CSO of Health-ISAC, told HealthITSecurity.
“Health-ISAC supports the CR2 initiatives as we see this as a means to raise awareness of cyber security and encouraging adoption of sound risk management principles to improve resilience of the entire healthcare sector.”
A pledge of this magnitude is uncommon and signifies an increased focus on cybersecurity across all sectors and countries around the world.
“A commitment to internationally recognized cyber risk management approaches and frameworks that are relevant across sectors can bring widespread economic benefits, help governments achieve their policy goals, bolster collective security, and enhance cyber resiliency across the ecosystem,” the pledge concluded.
#CRMPledge
This website uses cookies to improve your experience and we may collect data from you when you interact with us through the website. We'll assume you're ok with this, but you can opt-out if you wish.AcceptRead More
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
