User:Shawndouglas/sandbox/sublevel3
_(28979530692).jpg)
he realities of business dictate that time is indeed valuable.[1] For a business to meet its primary goals, an investment of time and resources are required by those involved in the business. For a clinical laboratory, that means laboratorians performing analyses, making quality control checks, managing test results and reporting, and more. How much time do they truly need to commit in any given week to developing cybersecurity skills? And beyond the individual level, how much time does the business as a whole want to commit? With a need for training, infrastructure management, policy development and management, and recovery and continuity activities, your business has a lot to consider. These and other questions must be asked in relation to the realistic amount of resources available to the business and its personnel.
Here are a few additional questions to ask, as suggested by NARUC[2]:
- "What level of staff time should [a business] dedicate to learning about cybersecurity and developing skills necessary to achieve stated goals?"
- "Do staff need to become subject-matter experts, or is it enough that they are familiar with the language and terms?"
- "Do any staff need one-time training, ongoing training, certifications, or security clearances?"
- "Does the [business] have enough personnel to build and maintain relationships with [cybersecurity stakeholders]?"
References
- ↑ Cakmak, J. (11 January 2019). "Time is Money, Money is Time, and What That Means for Tech". Techonomy. Techonomy Media, Inc. https://techonomy.com/2019/01/time-money-money-time-means-tech/. Retrieved 23 July 2020.
- ↑ Cadmus Group, LLC (30 October 2018). "Cybersecurity Strategy Development Guide" (PDF). National Association of Regulatory Utility Commissioners. https://pubs.naruc.org/pub/8C1D5CDD-A2C8-DA11-6DF8-FCC89B5A3204. Retrieved 23 July 2020.
