25 Jan Given what you have seen as the role of a CISO, how could you succinctly explain the importance of NIST to the System Owner?
As you have been studying this week, controls are measures implemented to reduce the likelihood, as well as impact elements, of risk. Controls may target specific vulnerabilities in an asset or be used to generally protect several assets. Within the healthcare industry, the Health Insurance Portability and Accountability Act (HIPAA) Security Rule helps to target security control selection. The NIST SP 800-53a security control catalog is often used to select and implement security controls to meet the HIPAA Security Rule requirement.
Respond to the following in a minimum of 175 words:
~Review the February 2013 Executive Order 13636, “Improving Critical Infrastructure Cybersecurity.”
~Consider why NISTSP 800-53a is often used for complying with the HIPAA Security Rule in health care institutions that are private entities.
~Given what you have seen as the role of a CISO, how could you succinctly explain the importance of NIST to the System Owner?
