CHIME LEAD San Francisco 2015 "Case Studies from the Field: Putting Cyber Security Strategies into Action"
02:30 - 03:30pm
"Case Studies from the Field: Putting Cyber Security Strategies into Action"
Learn from those in the trenches who have deployed effective cyber strategies in their organizations, foiled attacks and managed breach situations. Learn approaches for success and pitfalls to avoid by exploring the experience of others with deployment and management of cyber security strategies and plans.
Learning Objectives:
Identify successes, challenges and lessons learned with implementation of cyber strategies
Identify success strategies for gaining the C Suite support and ways cyber security can be integrated into the organization's culture and work processes.
Identify best practices with anticipating new and emerging threats and ways to maintain a proactive position instead of reactive
Identify approaches for breach preparation and breach management
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
CHIME LEAD San Francisco 2015 "Case Studies from the Field: Putting Cyber Security Strategies into Action"
1. A CHIME Leadership Education and Development Forum in collaboration with iHT2
Case Studies from the Field
_____
Putting Cyber Security Strategies into Action
● Blaine Hebert, Information Security Officer, Rady Children’s Hospital-San Diego ●
2. BitCoin-A Hospital Case Study
A CHIME Leadership Education and Development Forum in collaboration with iHT2
3. Blaine Hebert, Information Security Officer, Rady Childrens Hospital
• What is BitCoin? Virtual or digital Currency
• How does it work? Computers validate bitcoin transactions by
processing mathematical algorithms. This takes severe
processing power to make it beneficial to the miner.
11. A CHIME Leadership Education and Development Forum in collaboration with iHT2
Case Studies from the Field
_____
Putting Cyber Security Strategies into Action
● Patrick Wilson, CISO and Director of Clinical Applications, Contra Costa County
Health Services ●
#LEAD15
12. A CHIME Leadership Education and Development Forum in collaboration with iHT2
A Best Defense isn’t
Always a Fence
13. A CHIME Leadership Education and Development Forum in collaboration with iHT2
Everyone Trusts Someone
Wearing a Coat
14. A CHIME Leadership Education and Development Forum in collaboration with iHT2
Found this in on a filing cabinet.
Don’t be a Target
15. A CHIME Leadership Education and Development Forum in collaboration with iHT2
Case Studies from the Field
_____
Putting Cyber Security Strategies into Action
● Keith Graat, CISSP, CEH, Chief Information Security Officer, Eisenhower Medical Center
#LEAD15
17. Problem
• Ensure any email leaving the organization
containing PHI is encrypted per policy.
• Protect PHI from leaving the organization
through email in unauthorized and insecure
manner.
• Ability to audit and log all email activity where
PHI is involved.
18. Data Loss Prevention (DLP)
• DLP finds PHI via email and other channels
and takes action if it doesn’t meet our policies.
• Selected a DLP solution that did exact data
matching.
• We knew what data we wanted to protect
(PHI).
19. How We Did It
• Setup the DLP solution to catalog our databases that
contain PHI. Specifically last name and any of the
following:
– MRN, HNE, Account # and SSN
• Put the product in logging mode for a few months and
tweaked as needed.
• Communicated to the organization and leadership
team of the upcoming change.
20. How We Did It
• Setup violation notifications to email the source
sender and their manager.
• Worked with Compliance and had a “soft go live”
where we gave the organization 1 month before
taking corrective action with employees.
• Regular review of DLP reports to ensure the
system is functioning appropriately.
21. Results
• Prior to DLP on a monthly average we identified 300
unencrypted emails with PHI and 1200 that were
encrypted.
• Eight months since email DLP has been in place and
we have seen a monthly average of 43 blocked
unencrypted emails with PHI and 1800 that were
encrypted.
• Violation false positive rate is less than 1%.
22. Lessons Learned
• Great tool to identify trends and opportunities for
training and improvement.
• Users will email files to their personal email addresses
so they can work from home.
• Violations included:
– Emails to business partners.
– Acquisitions that haven’t been fully integrated.
– IS Employees – Log files, applications dumps.
23. Conclusion
• DLP has been a very effective solution for us.
• Choose a solution that can scale to other areas, for
example web traffic, endpoints, reporting.
• DLP can be a great solution to finding where your
PHI lives in your environment.
• Has the potential to consume a lot of resources.