In February, National Institute of Standards and Technology (NIST) released its updated Cybersecurity Framework (CSF 2.0), which included a newly added Govern function, as well as target profiles to help companies better evaluate and improve their cybersecurity strategies. We spoke with Dave Bailey, VP of Consulting Services at Clearwater Security, about how these updates can enhance cybersecurity in healthcare and MedTech organizations.
How does the Govern function in the NIST CSF 2.0 help healthcare organizations better understand their cybersecurity risks?
Bailey: Adding the Govern function into NIST CSF 2.0 underscores the need for leadership in healthcare organizations to play an active role in cybersecurity. Governance enables effective and proper risk management, including the determination of risk tolerance and establishing a risk threshold. This includes building executive-level support to achieve your cybersecurity goals.
Leadership sets the tone in an organization on the importance of cybersecurity and addressing cyber risks. It has the power to remove roadblocks and allocate resources for…
