The National Institute of Standards and Technology (NIST) developed a framework for improving critical infrastructure cybersecurity known as the NIST Cybersecurity Framework. It is a model used by organizations to assess and improve their capability to prevent, detect, and respond to cyber threats and incidents [1]. The framework is designed for businesses and IT professionals to accurately identify, adequately protect and detect, and efficiently and effectively respond and recover from cyber threats and incidents.
In the early 1990’s, it became clear that the health care industry needed to become more efficient with medical records and patient information. Managing filing systems in healthcare practices became full time jobs for individuals, progressing to dedicated teams of employees whose sole responsibility was to manage patient information on paper. Computerizing medical records was the next logical evolution of managing medical records, but there needed to be a set of standards that governed how healthcare data should be managed.
This is a slimmed down version of an essay written in early 2017 by Bryan for his Master of Cybersecurity degree at Purdue University.
The stock market crash of 1929 that led to the Great Depression of the early 1930’s also led to the creation of the Securities Exchange Act of 1934 [4]. From the Securities Exchange Act came the Securities and Exchange Commission (SEC) tasked with not only restoring confidence in the financial markets, it defined and enforced laws regarding investments in publicly traded companies, specifically, the placement of investors first above the needs and owners of the business [4].