CHIME LEAD San Francisco 2015 "Case Studies from the Field: Putting Cyber Security Strategies into Action"
•
1 recomendación•348 vistas
CHIME LEAD San Francisco 2015 "Case Studies from the Field: Putting Cyber Security Strategies into Action" 02:30 - 03:30pm "Case Studies from the Field: Putting Cyber Security Strategies into Action" Learn from those in the trenches who have deployed effective cyber strategies in their organizations, foiled attacks and managed breach situations. Learn approaches for success and pitfalls to avoid by exploring the experience of others with deployment and management of cyber security strategies and plans. Learning Objectives: Identify successes, challenges and lessons learned with implementation of cyber strategies Identify success strategies for gaining the C Suite support and ways cyber security can be integrated into the organization's culture and work processes. Identify best practices with anticipating new and emerging threats and ways to maintain a proactive position instead of reactive Identify approaches for breach preparation and breach management
Recomendados
Más contenido relacionado
Más de Health IT Conference – iHT2
Más de Health IT Conference – iHT2 (20)
Último
Último (20)
CHIME LEAD San Francisco 2015 "Case Studies from the Field: Putting Cyber Security Strategies into Action"
- 1. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Case Studies from the Field _____ Putting Cyber Security Strategies into Action ● Blaine Hebert, Information Security Officer, Rady Children’s Hospital-San Diego ●
- 2. BitCoin-A Hospital Case Study A CHIME Leadership Education and Development Forum in collaboration with iHT2
- 3. Blaine Hebert, Information Security Officer, Rady Childrens Hospital • What is BitCoin? Virtual or digital Currency • How does it work? Computers validate bitcoin transactions by processing mathematical algorithms. This takes severe processing power to make it beneficial to the miner.
- 4. Blaine Hebert, Information Security Officer, Rady Childrens Hospital
- 5. Blaine Hebert, Information Security Officer, Rady Childrens Hospital
- 6. Blaine Hebert, Information Security Officer, Rady Childrens Hospital
- 7. Blaine Hebert, Information Security Officer, Rady Childrens Hospital Internet Filter Computer Anomalies Computer Software Google Searches
- 8. Blaine Hebert, Information Security Officer, Rady Childrens Hospital
- 9. Blaine Hebert, Information Security Officer, Rady Childrens Hospital
- 10. Blaine Hebert, Information Security Officer, Rady Childrens Hospital
- 11. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Case Studies from the Field _____ Putting Cyber Security Strategies into Action ● Patrick Wilson, CISO and Director of Clinical Applications, Contra Costa County Health Services ● #LEAD15
- 12. A CHIME Leadership Education and Development Forum in collaboration with iHT2 A Best Defense isn’t Always a Fence
- 13. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Everyone Trusts Someone Wearing a Coat
- 14. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Found this in on a filing cabinet. Don’t be a Target
- 15. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Case Studies from the Field _____ Putting Cyber Security Strategies into Action ● Keith Graat, CISSP, CEH, Chief Information Security Officer, Eisenhower Medical Center #LEAD15
- 16. EMC’s Environment • 476 Bed Hospital • ~2600 Employees • ~3700 Workstations • ~700 Servers • 200+ Applications
- 17. Problem • Ensure any email leaving the organization containing PHI is encrypted per policy. • Protect PHI from leaving the organization through email in unauthorized and insecure manner. • Ability to audit and log all email activity where PHI is involved.
- 18. Data Loss Prevention (DLP) • DLP finds PHI via email and other channels and takes action if it doesn’t meet our policies. • Selected a DLP solution that did exact data matching. • We knew what data we wanted to protect (PHI).
- 19. How We Did It • Setup the DLP solution to catalog our databases that contain PHI. Specifically last name and any of the following: – MRN, HNE, Account # and SSN • Put the product in logging mode for a few months and tweaked as needed. • Communicated to the organization and leadership team of the upcoming change.
- 20. How We Did It • Setup violation notifications to email the source sender and their manager. • Worked with Compliance and had a “soft go live” where we gave the organization 1 month before taking corrective action with employees. • Regular review of DLP reports to ensure the system is functioning appropriately.
- 21. Results • Prior to DLP on a monthly average we identified 300 unencrypted emails with PHI and 1200 that were encrypted. • Eight months since email DLP has been in place and we have seen a monthly average of 43 blocked unencrypted emails with PHI and 1800 that were encrypted. • Violation false positive rate is less than 1%.
- 22. Lessons Learned • Great tool to identify trends and opportunities for training and improvement. • Users will email files to their personal email addresses so they can work from home. • Violations included: – Emails to business partners. – Acquisitions that haven’t been fully integrated. – IS Employees – Log files, applications dumps.
- 23. Conclusion • DLP has been a very effective solution for us. • Choose a solution that can scale to other areas, for example web traffic, endpoints, reporting. • DLP can be a great solution to finding where your PHI lives in your environment. • Has the potential to consume a lot of resources.