SlideShare una empresa de Scribd logo

Cyber Security Crucial for Healthcare Organizations

Health IT Conference – iHT2
Health IT Conference – iHT2

CHIME LEAD New York 2014 Opening Keynote "What is Cyber Security and Why is it Crucial to Your Organization?" Gaining C-Suite support for a robust cyber security strategy is critical for funding, adoption and overall success. To ensure organizational support, there must be a solid understanding of cyber security, how to protect the organization's technology and data assets, the intersection of risk management and the impact cybercrimes can have on the organization's financial viability, operations, patient care and reputation. The session addresses the current state and emerging trends with digital disruptions, cyber crimes and threats along with the impact they have on organizations. This session will discussed how this is changing the ways CIOs approach technology deployment and security management. Learning Objectives: Describe the components of effective cyber security and latest trends Describe effective approaches addressing cyber threat and risk assessments Describe the importance of investing in cyber security and the risks involved with not adequately addressing cyber security Discuss ways to educate and drive awareness of on the importance of cyber security and risk management so it becomes part of the organization's culture Mac McMillan, FHIMSS, CISM CEO and Founder Cynergistek, Inc.

Educación
1 de 21
Descargar para leer sin conexión
A CHIME Leadership Education and Development Forum in collaboration with iHT2 What is Cyber Security and Why is it Crucial to Your Organization? ________ Key Attributes for Success, Challenges and Critical Success Factors ●Mac McMillan . FHIMSS/CISM . CEO CynergisTek, Inc. ● #LEAD14
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Sun Tzu & Cybercrime •“If you know the enemy, and know yourself, then you may not fear the results of a hundred battles. If you know yourself but not the enemy, for every victory gained you will suffer a defeat.” •He went on to say, “If you know neither the enemy or yourself you will suffer a hundred defeats.” •Ahundred of anything in a Chinese Proverb is generally very good or very bad…
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Cybercriminals Today •12 y/o learning computers in middle school •14 y/o home schooled girl tired of social events •15 y/o in New Zealand just joined a defacement group •16 y/o in Tokyo learning programming in high school •19 y/o in college putting course work to work •20 y/o fast food employee that is bored •22 y/o in Mali working in a carding ring •24 y/o black hat trying to hack whoever he can •25 y/o soldier in East European country •26 y/o contractor deployed over seas •28 y/o in Oregon who believes in hacktivism •30 y/o white hat who has a black hat background •32 y/o researcher who finds vulnerabilities in systems •35 y/o employee who sees a target of opportunity •37 y/o rouge intelligence officer •39 y/o disgruntled admin passed over •41 y/o private investigator •44 y/o malware author paid per compromised host •49 y/o pharmacist in midlife crisis •55 y/o nurse with a drug problem
A CHIME Leadership Education and Development Forum in collaboration with iHT2 2014 Cyber Incidents •4M medical records maintained on four workstations •Physician loses laptop with psychiatric patients records •Neurologic institute accidentally emails10,000 patient records to 200 patients •Phishing/hacking nets nearly $3M from six healthcare entities •University reports laptop with patient information stolen out of a student’scar •Vendorsells hospital’s X-rays (films) to third party •Residentloses track of USB with over 500 orthopedic patients information •Portable electronic device with patient data stolen from hospital •Physicianhas laptop stolen from vacation home •2200 physicians victims of ID theft/tax fraud •Stolen laptop from nurse’shome with patient data •Printersreturned to leasing company compromise thousands of patient records •Health System reports third stolen laptop with 13,000 patient records •400 hospitals billings delayed as clearinghouse hit with ransomware
A CHIME Leadership Education and Development Forum in collaboration with iHT2 The Emergent Threat Black Hat 2014 •Snatching passwords w/ Google Glass •Screen scraping VDI anonymously •Compromising AD through Kerberos •Remote attacks against cars •Memory scraping for credit cards •Compromising USB controller chips •Cellular compromise through control code •Free cloud botnets for malware •Mobile device compromise through MDM flaws •Cryptographic flaws and a Rosetta Stone
Black Market Driven •Darknetswill be more active, participants will be vetted, cryptocurrencieswill be used, greater anonymity in malware, more encryption in communications and transactions •Black markets will help attackers outpace defenders •Hyperconnectivitywill create greater opportunity for incidents •Exploitation of social networks and mobile devices will grow •More hacking for hire, as-a-service, and brokering Rand National Security Research Division
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Increased Reliance BYOD Physician Alignment Business Associates Patient Engagement Big Data Accountable Care Organization Meaningful Use Supply Chain Research Telemedicine Ingestibles Health Information Exchanges Today’s CISO has to understand the needs of the business as well as have the security expertise to match the demands of both the threat and the business. Simply understanding HIPAA is not enough in todays modern health IT environment. It’s not about compliance, it’s about assurance.
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Trust, But Verify •It is estimated that more than half of all security incidents involve staff. •More than 70% of identity theft and fraud were committed by knowledgeable insiders –physicians, nurses, pharmacy techs, admissions, billing, etc. •2013 witnessed a 20% increase in medical identity theft. •Traditional audit methods & manual auditing is completely inadequate. •Behavior modeling, pattern analysis and anomaly detection is what is needed.
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Resilient Supply Chains •Greater due diligence in vetting vendors •Security requirements in contracting should be SLA based •Particular attention to cloud, SaaS, infrastructure support, critical service providers •Life cycle approach to data protection •Detailed breach and termination provisions
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Trusted Medical Devices In June 2013 the DHS tested 300 devices from 40 vendors, ALL failed. In response the FDA issued guidance for manufacturers and consumers addressing design, implementation and radio frequency considerations. The Washington Post October 21, 2013 The headline read: “Yes, Terrorists could have hacked Dick Cheney’s heart.”
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Administrative Discipline •3.4 million BotNetsactive •20-40% of recipients in phishing exercises fall for scam •26% of malware delivered via HTML, one in less than 300 emails infected •Malware analyzed was found undetectable by nearly 50% of all anti- virus engines tested •As of April 2014 Microsoft no longer provides patches for WN XP, WN 2003 and WN 2000, NT, etc. •EOL systems still prevalent in healthcare networks •Hardening, patching, configuration, change management…all critical •Objective testing and assessment “FBI alert warns healthcare not prepared” 2006 200K 2008 15M 2012 23M 2013 73M 2014 100M
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Embrace Mobility of Data •Medical staff are turning to their mobile devices to communicate because its easier, faster, more efficient… •Sharing lab or test results, locating another physician for a consult, sharing images of wounds and radiology images, updating attending staff on patient condition, getting direction for treatment, locating a specialist and collaborating with them, transmitting trauma information or images to Eds, prescribing or placing orders •Priority placed on the data first and the device second •Restrict physical access where possible, encrypt the rest
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Prioritize Efforts to Fight ID Theft & Fraud •ID theft and fraud costs billions each year, affecting everyone •US CERT estimates 47% of cybercrime aimed at healthcare •Healthcare directed attacks have increased more than 20% a year for the last three years running •Identity theft incidents are rising and becoming more costly. –Insiders selling information to others –Hackers exploiting systems –Malware with directed payloads –Phishing for the “big” ones
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Lose Assets, Not Data •1 in 4 houses is burglarized, a B&E happens every 9 minutes, more than 20,000 laptops are left in airports each year… •First rule of security: no one is immune •138%: the % increase in records exposed in 2013 •83%: the %of large breaches involving theft •6 –10%: the average shrinkage rate for mobile devices •Typical assets inventories are off by 60% “That’s a big number because its meant to drive home the point that unencrypted laptops and mobile devices pose significant risk to the security of patient information.” -Sue McAndrew, OCR
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Lower Your Risk Profile •Defenses are not keeping pace •Three most common attacks: spear phishing, Trojans & Malvertising •APTs, phishing, water cooler attacks, fraud, etc. •Most organizations can’t detect or address these threats effectively •An advanced incident response capability is required •Results in losses of time, dollars, downtime, reputation, breaches, litigation, etc. •Conduct independent risk assessments regularly 0 50 100 Organizationssuffering a… Sophistication ofattack hardest… No increase inbudget for… Targeted Attacks “I feel like I am a targeted class, and I want to know what this institution is doing about it!” Anonymous Doctor
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Manage The Cost of Security Discovery, Notification & Response Business Disruption ID Theft Monitoring Investigation/Review Law Suit Defense State Actions Federal CAP/RA Civil Penalties Criminal Penalties Insurance Degradation of Brand/Image Distraction of Staff Physician Alignment/Nurses and Staff Agreement Patient Confidence/Loyalty HCAPPS Score Impacts VBP Payments Impacts
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Reduce Your Exposure •OCRs permanent audit program will resume in FY 2015 with new capabilities •Improvements and automation in reporting and handling complaints •Meaningful Use audits are evolving in scope and impact •The FTC remains committed to enforcement of privacy and security •Business associates will present new risks for covered entities •States continue to create new laws Covered entities and business associates must understand that security is their obligation. Sue McAndrew, OCR Single law in EU 2014 Two Laws seeking to unify requirements in US
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Make The Investment •In a 2014 study HC CISOs gave themselves an average maturity rating of 4.35 on a scale of 1-7 •Many report missing critical technologies to fight today’s threats •More than half of healthcare entities spend less than 3% of their IT budget on data protection •Less than half have a full time CISO or information security manager •Many healthcare security managers are first timers OCRs investigation found that Concentra had recognized in its risk assessments that the lack of encryption created risks. They had taken steps to begin encryption, but efforts were incomplete and inadequate over time supposedly due to budget issues leaving assets vulnerable.
A CHIME Leadership Education and Development Forum in collaboration with iHT2 What We Need Now •Enlightened leadership •Skilled personnel •Intelligence •Smarter rules •A better road map •Vigilance
A CHIME Leadership Education and Development Forum in collaboration with iHT2 Today’s CISO Must… •Be a leader •Possess business acumen •Be comfortable managing risk •Be a team player •Be able to plan ahead •Be an effective communicator •Be able to drive process •Understand and apply psychology/sociology •Be politically savvy, and •Know privacy & security
Q & A Mac McMillan mac.mcmillan@cynergistek.com (512) 402-8555 A CHIME Leadership Education and Development Forum in collaboration with iHT2 Insert Twitter handle(s) here

Recomendados

CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...Health IT Conference – iHT2
 
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...Health IT Conference – iHT2
 
CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015Health IT Conference – iHT2
 
Panel Cyber Security and Privacy without Carrie Waggoner
Panel Cyber Security and Privacy without Carrie WaggonerPanel Cyber Security and Privacy without Carrie Waggoner
Panel Cyber Security and Privacy without Carrie Waggonermihinpr
 
The case for a Cybersecurity Expert on the Board of an SEC firm
The case for a Cybersecurity Expert on the Board of an SEC firmThe case for a Cybersecurity Expert on the Board of an SEC firm
The case for a Cybersecurity Expert on the Board of an SEC firmDavid Sweigert
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bankshreemala1
 
Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Bala Guntipalli ♦ MBA
 
2014 Executive Breach Preparedness Research Report
2014 Executive Breach Preparedness Research Report2014 Executive Breach Preparedness Research Report
2014 Executive Breach Preparedness Research ReportHewlett Packard Enterprise Business Value Exchange
 

Recomendados

CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...
CHIME LEAD DC 2014 - Opening Keynote "What is Cyber Security and Why is it Cr...Health IT Conference – iHT2
 
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...Health IT Conference – iHT2
 
CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015CHIME Lead Forum - Seattle 2015
CHIME Lead Forum - Seattle 2015Health IT Conference – iHT2
 
Panel Cyber Security and Privacy without Carrie Waggoner
Panel Cyber Security and Privacy without Carrie WaggonerPanel Cyber Security and Privacy without Carrie Waggoner
Panel Cyber Security and Privacy without Carrie Waggonermihinpr
 
The case for a Cybersecurity Expert on the Board of an SEC firm
The case for a Cybersecurity Expert on the Board of an SEC firmThe case for a Cybersecurity Expert on the Board of an SEC firm
The case for a Cybersecurity Expert on the Board of an SEC firmDavid Sweigert
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bankshreemala1
 
Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Bala Guntipalli ♦ MBA
 
2014 Executive Breach Preparedness Research Report
2014 Executive Breach Preparedness Research Report2014 Executive Breach Preparedness Research Report
2014 Executive Breach Preparedness Research ReportHewlett Packard Enterprise Business Value Exchange
 
Leading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyLeading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyDonny Shimamoto
 
Symantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threatsSymantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threatsSymantec Website Security
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin OCTF Industry Engagement
 
Executive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarExecutive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarFERMA
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackMekhi Da ‘Quay Daniels
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threatzhihaochen
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...Casey Ellis
 
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi KenyaRegional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi KenyaMartin M
 
Cyber security for ia and risk 150601
Cyber security for ia and risk 150601Cyber security for ia and risk 150601
Cyber security for ia and risk 150601Grant Barker
 
NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015Numaan Huq
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksThis account is closed
 
How Do You Create A Successful Information Security Program Hire A Great Iso!!
How Do You Create A Successful Information Security Program Hire A Great Iso!!How Do You Create A Successful Information Security Program Hire A Great Iso!!
How Do You Create A Successful Information Security Program Hire A Great Iso!!Tammy Clark
 
Cyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterCyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterPatricia M Watson
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionRamón Gómez de Olea y Bustinza
 
NACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedNACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedPrista Corporation
 
5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams 5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams Arun Chinnaraju MBA, PMP, CSM, CSPO, SA
 
India Top5 Information Security Concerns 2013
India Top5 Information Security Concerns 2013India Top5 Information Security Concerns 2013
India Top5 Information Security Concerns 2013Dinesh O Bareja
 
Handling whistleblower complaints a global perspective for north american c...
Handling whistleblower complaints a global perspective for north american c...Handling whistleblower complaints a global perspective for north american c...
Handling whistleblower complaints a global perspective for north american c...Case IQ
 
Securing the Digital Future
Securing the Digital FutureSecuring the Digital Future
Securing the Digital FutureCognizant
 
Leveraging Board Governance for Cybersecurity
Leveraging Board Governance for CybersecurityLeveraging Board Governance for Cybersecurity
Leveraging Board Governance for CybersecurityShareDocView.com
 
Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...
Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...
Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...Health IT Conference – iHT2
 
CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...
CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...
CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...Health IT Conference – iHT2
 

Más contenido relacionado

La actualidad más candente

Leading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyLeading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyDonny Shimamoto
 
Symantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threatsSymantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threatsSymantec Website Security
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin OCTF Industry Engagement
 
Executive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarExecutive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarFERMA
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackMekhi Da ‘Quay Daniels
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threatzhihaochen
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...Casey Ellis
 
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi KenyaRegional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi KenyaMartin M
 
Cyber security for ia and risk 150601
Cyber security for ia and risk 150601Cyber security for ia and risk 150601
Cyber security for ia and risk 150601Grant Barker
 
NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015Numaan Huq
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksThis account is closed
 
How Do You Create A Successful Information Security Program Hire A Great Iso!!
How Do You Create A Successful Information Security Program Hire A Great Iso!!How Do You Create A Successful Information Security Program Hire A Great Iso!!
How Do You Create A Successful Information Security Program Hire A Great Iso!!Tammy Clark
 
Cyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterCyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterPatricia M Watson
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionRamón Gómez de Olea y Bustinza
 
NACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedNACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedPrista Corporation
 
India Top5 Information Security Concerns 2013
India Top5 Information Security Concerns 2013India Top5 Information Security Concerns 2013
India Top5 Information Security Concerns 2013Dinesh O Bareja
 
Handling whistleblower complaints a global perspective for north american c...
Handling whistleblower complaints a global perspective for north american c...Handling whistleblower complaints a global perspective for north american c...
Handling whistleblower complaints a global perspective for north american c...Case IQ
 
Securing the Digital Future
Securing the Digital FutureSecuring the Digital Future
Securing the Digital FutureCognizant
 
Leveraging Board Governance for Cybersecurity
Leveraging Board Governance for CybersecurityLeveraging Board Governance for Cybersecurity
Leveraging Board Governance for CybersecurityShareDocView.com
 

La actualidad más candente (20)

Leading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyLeading Practices in Information Security & Privacy
Leading Practices in Information Security & Privacy
 
Symantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threatsSymantec: The rise of hacktivism and insider threats
Symantec: The rise of hacktivism and insider threats
 
CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin CRI "Lessons From The Front Lines" March 26th Dublin
CRI "Lessons From The Front Lines" March 26th Dublin
 
Executive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk WebinarExecutive Summary on the Cyber Risk Webinar
Executive Summary on the Cyber Risk Webinar
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
 
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
MCCA Global TEC Forum - Bug Bounties, Ransomware, and Other Cyber Hype for Le...
 
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi KenyaRegional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
Regional Cyber Security Summit 2016 May 11th-13th Weston Hotel Nairobi Kenya
 
Cyber security for ia and risk 150601
Cyber security for ia and risk 150601Cyber security for ia and risk 150601
Cyber security for ia and risk 150601
 
NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015NumaanHuq_Hackfest2015
NumaanHuq_Hackfest2015
 
Protecting Your Business From Cyber Risks
Protecting Your Business From Cyber RisksProtecting Your Business From Cyber Risks
Protecting Your Business From Cyber Risks
 
How Do You Create A Successful Information Security Program Hire A Great Iso!!
How Do You Create A Successful Information Security Program Hire A Great Iso!!How Do You Create A Successful Information Security Program Hire A Great Iso!!
How Do You Create A Successful Information Security Program Hire A Great Iso!!
 
Cyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise ChapterCyber Security Threats | IIA Boise Chapter
Cyber Security Threats | IIA Boise Chapter
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attention
 
NACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 publishedNACD Directorship Article - Cyber July:Aug 2015 published
NACD Directorship Article - Cyber July:Aug 2015 published
 
5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams 5 Questions Executives Should Be Asking Their Security Teams
5 Questions Executives Should Be Asking Their Security Teams
 
India Top5 Information Security Concerns 2013
India Top5 Information Security Concerns 2013India Top5 Information Security Concerns 2013
India Top5 Information Security Concerns 2013
 
Handling whistleblower complaints a global perspective for north american c...
Handling whistleblower complaints a global perspective for north american c...Handling whistleblower complaints a global perspective for north american c...
Handling whistleblower complaints a global perspective for north american c...
 
Securing the Digital Future
Securing the Digital FutureSecuring the Digital Future
Securing the Digital Future
 
Leveraging Board Governance for Cybersecurity
Leveraging Board Governance for CybersecurityLeveraging Board Governance for Cybersecurity
Leveraging Board Governance for Cybersecurity
 

Destacado

Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...
Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...
Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...Health IT Conference – iHT2
 
CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...
CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...
CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...Health IT Conference – iHT2
 
Health IT Summit Boston 2014 – Opening Keynote John Halamka “Health IT in a H...
Health IT Summit Boston 2014 – Opening Keynote John Halamka “Health IT in a H...Health IT Summit Boston 2014 – Opening Keynote John Halamka “Health IT in a H...
Health IT Summit Boston 2014 – Opening Keynote John Halamka “Health IT in a H...Health IT Conference – iHT2
 
iHT² CMIO & Physician Executive Symposium, “The Last Mile: What EMR and Claim...
iHT² CMIO & Physician Executive Symposium, “The Last Mile: What EMR and Claim...iHT² CMIO & Physician Executive Symposium, “The Last Mile: What EMR and Claim...
iHT² CMIO & Physician Executive Symposium, “The Last Mile: What EMR and Claim...Health IT Conference – iHT2
 
iHT² CMIO & Physician Executive Symposium, “Disruptive & Innovative Technolog...
iHT² CMIO & Physician Executive Symposium, “Disruptive & Innovative Technolog...iHT² CMIO & Physician Executive Symposium, “Disruptive & Innovative Technolog...
iHT² CMIO & Physician Executive Symposium, “Disruptive & Innovative Technolog...Health IT Conference – iHT2
 
iHT² Research Report Findings – Episode Analytics: Essential Tools for New He...
iHT² Research Report Findings – Episode Analytics: Essential Tools for New He...iHT² Research Report Findings – Episode Analytics: Essential Tools for New He...
iHT² Research Report Findings – Episode Analytics: Essential Tools for New He...Health IT Conference – iHT2
 
iHT² Health IT Summit San Francisco – Case Study “MLK 2.0: Building Value Bas...
iHT² Health IT Summit San Francisco – Case Study “MLK 2.0: Building Value Bas...iHT² Health IT Summit San Francisco – Case Study “MLK 2.0: Building Value Bas...
iHT² Health IT Summit San Francisco – Case Study “MLK 2.0: Building Value Bas...Health IT Conference – iHT2
 

Destacado (9)

Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...
Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...
Health IT Summit New York 2014 - Presentation with Daniel Barchi, SVP & CIO, ...
 
CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...
CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...
CHIME LEAD New York 2014 "Case Studies from the Field: Putting Cyber Security...
 
Health IT Summit Boston 2014 – Opening Keynote John Halamka “Health IT in a H...
Health IT Summit Boston 2014 – Opening Keynote John Halamka “Health IT in a H...Health IT Summit Boston 2014 – Opening Keynote John Halamka “Health IT in a H...
Health IT Summit Boston 2014 – Opening Keynote John Halamka “Health IT in a H...
 
iHT² CMIO & Physician Executive Symposium, “The Last Mile: What EMR and Claim...
iHT² CMIO & Physician Executive Symposium, “The Last Mile: What EMR and Claim...iHT² CMIO & Physician Executive Symposium, “The Last Mile: What EMR and Claim...
iHT² CMIO & Physician Executive Symposium, “The Last Mile: What EMR and Claim...
 
iHT² CMIO & Physician Executive Symposium, “Disruptive & Innovative Technolog...
iHT² CMIO & Physician Executive Symposium, “Disruptive & Innovative Technolog...iHT² CMIO & Physician Executive Symposium, “Disruptive & Innovative Technolog...
iHT² CMIO & Physician Executive Symposium, “Disruptive & Innovative Technolog...
 
iHT² Research Report Findings – Episode Analytics: Essential Tools for New He...
iHT² Research Report Findings – Episode Analytics: Essential Tools for New He...iHT² Research Report Findings – Episode Analytics: Essential Tools for New He...
iHT² Research Report Findings – Episode Analytics: Essential Tools for New He...
 
iHT² Health IT Summit San Francisco – Case Study “MLK 2.0: Building Value Bas...
iHT² Health IT Summit San Francisco – Case Study “MLK 2.0: Building Value Bas...iHT² Health IT Summit San Francisco – Case Study “MLK 2.0: Building Value Bas...
iHT² Health IT Summit San Francisco – Case Study “MLK 2.0: Building Value Bas...
 
2016 iHT2 Miami Health IT Summit
2016 iHT2 Miami Health IT Summit2016 iHT2 Miami Health IT Summit
2016 iHT2 Miami Health IT Summit
 
2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit
 

Similar a Cyber Security Crucial for Healthcare Organizations

mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...Levi Shapiro
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingJoe Nathans
 
Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityStephen Cobb
 
Insider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdfInsider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdframsetl
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
Core Elements of Retail LP Shortened version 15MB
Core Elements of Retail LP Shortened version 15MBCore Elements of Retail LP Shortened version 15MB
Core Elements of Retail LP Shortened version 15MBAlan Greggo
 
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyCyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyJames Mulhern
 
2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trends2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trendsDImension Data
 
Shariyaz abdeen data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentationShariyaz abdeen data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
 
War Against Terrorism - CIO's Role
War Against Terrorism - CIO's RoleWar Against Terrorism - CIO's Role
War Against Terrorism - CIO's RoleAyodeji Rotibi
 
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...SurfWatch Labs
 
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?Diaspark
 
Cybersecurity for Emergency Managers
Cybersecurity for Emergency ManagersCybersecurity for Emergency Managers
Cybersecurity for Emergency ManagersSarah K Miller
 

Similar a Cyber Security Crucial for Healthcare Organizations (20)

2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum
 
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
mHealth Israel_Cyber Risk in Healthcare_Mary Alice Annecharico_CIO Henry Ford...
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive Briefing
 
2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum
 
2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum
 
2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum 2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum
 
Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber Security
 
Insider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdfInsider_Threats_in_Healthcare_1651617236.pdf
Insider_Threats_in_Healthcare_1651617236.pdf
 
Cybersecurity and data privacy
Cybersecurity and data privacyCybersecurity and data privacy
Cybersecurity and data privacy
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
Cyber security
Cyber securityCyber security
Cyber security
 
Core Elements of Retail LP Shortened version 15MB
Core Elements of Retail LP Shortened version 15MBCore Elements of Retail LP Shortened version 15MB
Core Elements of Retail LP Shortened version 15MB
 
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyCyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
 
2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trends2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trends
 
Shariyaz abdeen data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentationShariyaz abdeen data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentation
 
Cybersecurity 101 final
Cybersecurity 101 finalCybersecurity 101 final
Cybersecurity 101 final
 
War Against Terrorism - CIO's Role
War Against Terrorism - CIO's RoleWar Against Terrorism - CIO's Role
War Against Terrorism - CIO's Role
 
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...
Credit Unions Caught in the Cybercrime Cross Hairs: How to Get Ahead of the C...
 
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
INFOGRAPHIC: IS YOUR PATIENT DATA PROTECTED?
 
Cybersecurity for Emergency Managers
Cybersecurity for Emergency ManagersCybersecurity for Emergency Managers
Cybersecurity for Emergency Managers
 

Más de Health IT Conference – iHT2

Welcome and Opening Remarks - 2015 iHT2 Beverly Hills
Welcome and Opening Remarks - 2015 iHT2 Beverly HillsWelcome and Opening Remarks - 2015 iHT2 Beverly Hills
Welcome and Opening Remarks - 2015 iHT2 Beverly HillsHealth IT Conference – iHT2
 

Más de Health IT Conference – iHT2 (20)

2016 iHT2 Miami Health IT Summit
2016 iHT2 Miami Health IT Summit2016 iHT2 Miami Health IT Summit
2016 iHT2 Miami Health IT Summit
 
2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit
 
2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit
 
2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit
 
2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit
 
2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit2016 iHT2 San Diego Health IT Summit
2016 iHT2 San Diego Health IT Summit
 
2015 Houston CHIME Lead Forum
2015 Houston CHIME Lead Forum2015 Houston CHIME Lead Forum
2015 Houston CHIME Lead Forum
 
2015 Houston CHIME Lead Forum
2015 Houston CHIME Lead Forum2015 Houston CHIME Lead Forum
2015 Houston CHIME Lead Forum
 
2015 Houston CHIME Lead Forum
2015 Houston CHIME Lead Forum2015 Houston CHIME Lead Forum
2015 Houston CHIME Lead Forum
 
2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum
 
2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit
 
2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit
 
2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit
 
2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit
 
2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit 2015 iHT2 Health IT Beverly Hills Summit
2015 iHT2 Health IT Beverly Hills Summit
 
iHT2 Health IT Beverly Hills Summit - 2015
iHT2 Health IT Beverly Hills Summit - 2015iHT2 Health IT Beverly Hills Summit - 2015
iHT2 Health IT Beverly Hills Summit - 2015
 
Welcome and Opening Remarks - 2015 iHT2 Beverly Hills
Welcome and Opening Remarks - 2015 iHT2 Beverly HillsWelcome and Opening Remarks - 2015 iHT2 Beverly Hills
Welcome and Opening Remarks - 2015 iHT2 Beverly Hills
 
iHT2 Health IT Chicago Summit
iHT2 Health IT Chicago SummitiHT2 Health IT Chicago Summit
iHT2 Health IT Chicago Summit
 
iHT2 Health IT Chicago Summit
iHT2 Health IT Chicago SummitiHT2 Health IT Chicago Summit
iHT2 Health IT Chicago Summit
 
iHT2 Health IT Chicago Summit
iHT2 Health IT Chicago SummitiHT2 Health IT Chicago Summit
iHT2 Health IT Chicago Summit
 

Último

ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)cama23
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfPatidar M
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationRosabel UA
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17Celine George
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptshraddhaparab530
 

Último (20)

ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 
How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17How to Add Barcode on PDF Report in Odoo 17
How to Add Barcode on PDF Report in Odoo 17
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.ppt
 

Cyber Security Crucial for Healthcare Organizations

  • 1. A CHIME Leadership Education and Development Forum in collaboration with iHT2 What is Cyber Security and Why is it Crucial to Your Organization? ________ Key Attributes for Success, Challenges and Critical Success Factors ●Mac McMillan . FHIMSS/CISM . CEO CynergisTek, Inc. ● #LEAD14
  • 2. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Sun Tzu & Cybercrime •“If you know the enemy, and know yourself, then you may not fear the results of a hundred battles. If you know yourself but not the enemy, for every victory gained you will suffer a defeat.” •He went on to say, “If you know neither the enemy or yourself you will suffer a hundred defeats.” •Ahundred of anything in a Chinese Proverb is generally very good or very bad…
  • 3. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Cybercriminals Today •12 y/o learning computers in middle school •14 y/o home schooled girl tired of social events •15 y/o in New Zealand just joined a defacement group •16 y/o in Tokyo learning programming in high school •19 y/o in college putting course work to work •20 y/o fast food employee that is bored •22 y/o in Mali working in a carding ring •24 y/o black hat trying to hack whoever he can •25 y/o soldier in East European country •26 y/o contractor deployed over seas •28 y/o in Oregon who believes in hacktivism •30 y/o white hat who has a black hat background •32 y/o researcher who finds vulnerabilities in systems •35 y/o employee who sees a target of opportunity •37 y/o rouge intelligence officer •39 y/o disgruntled admin passed over •41 y/o private investigator •44 y/o malware author paid per compromised host •49 y/o pharmacist in midlife crisis •55 y/o nurse with a drug problem
  • 4. A CHIME Leadership Education and Development Forum in collaboration with iHT2 2014 Cyber Incidents •4M medical records maintained on four workstations •Physician loses laptop with psychiatric patients records •Neurologic institute accidentally emails10,000 patient records to 200 patients •Phishing/hacking nets nearly $3M from six healthcare entities •University reports laptop with patient information stolen out of a student’scar •Vendorsells hospital’s X-rays (films) to third party •Residentloses track of USB with over 500 orthopedic patients information •Portable electronic device with patient data stolen from hospital •Physicianhas laptop stolen from vacation home •2200 physicians victims of ID theft/tax fraud •Stolen laptop from nurse’shome with patient data •Printersreturned to leasing company compromise thousands of patient records •Health System reports third stolen laptop with 13,000 patient records •400 hospitals billings delayed as clearinghouse hit with ransomware
  • 5. A CHIME Leadership Education and Development Forum in collaboration with iHT2 The Emergent Threat Black Hat 2014 •Snatching passwords w/ Google Glass •Screen scraping VDI anonymously •Compromising AD through Kerberos •Remote attacks against cars •Memory scraping for credit cards •Compromising USB controller chips •Cellular compromise through control code •Free cloud botnets for malware •Mobile device compromise through MDM flaws •Cryptographic flaws and a Rosetta Stone
  • 6. Black Market Driven •Darknetswill be more active, participants will be vetted, cryptocurrencieswill be used, greater anonymity in malware, more encryption in communications and transactions •Black markets will help attackers outpace defenders •Hyperconnectivitywill create greater opportunity for incidents •Exploitation of social networks and mobile devices will grow •More hacking for hire, as-a-service, and brokering Rand National Security Research Division
  • 7. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Increased Reliance BYOD Physician Alignment Business Associates Patient Engagement Big Data Accountable Care Organization Meaningful Use Supply Chain Research Telemedicine Ingestibles Health Information Exchanges Today’s CISO has to understand the needs of the business as well as have the security expertise to match the demands of both the threat and the business. Simply understanding HIPAA is not enough in todays modern health IT environment. It’s not about compliance, it’s about assurance.
  • 8. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Trust, But Verify •It is estimated that more than half of all security incidents involve staff. •More than 70% of identity theft and fraud were committed by knowledgeable insiders –physicians, nurses, pharmacy techs, admissions, billing, etc. •2013 witnessed a 20% increase in medical identity theft. •Traditional audit methods & manual auditing is completely inadequate. •Behavior modeling, pattern analysis and anomaly detection is what is needed.
  • 9. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Resilient Supply Chains •Greater due diligence in vetting vendors •Security requirements in contracting should be SLA based •Particular attention to cloud, SaaS, infrastructure support, critical service providers •Life cycle approach to data protection •Detailed breach and termination provisions
  • 10. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Trusted Medical Devices In June 2013 the DHS tested 300 devices from 40 vendors, ALL failed. In response the FDA issued guidance for manufacturers and consumers addressing design, implementation and radio frequency considerations. The Washington Post October 21, 2013 The headline read: “Yes, Terrorists could have hacked Dick Cheney’s heart.”
  • 11. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Administrative Discipline •3.4 million BotNetsactive •20-40% of recipients in phishing exercises fall for scam •26% of malware delivered via HTML, one in less than 300 emails infected •Malware analyzed was found undetectable by nearly 50% of all anti- virus engines tested •As of April 2014 Microsoft no longer provides patches for WN XP, WN 2003 and WN 2000, NT, etc. •EOL systems still prevalent in healthcare networks •Hardening, patching, configuration, change management…all critical •Objective testing and assessment “FBI alert warns healthcare not prepared” 2006 200K 2008 15M 2012 23M 2013 73M 2014 100M
  • 12. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Embrace Mobility of Data •Medical staff are turning to their mobile devices to communicate because its easier, faster, more efficient… •Sharing lab or test results, locating another physician for a consult, sharing images of wounds and radiology images, updating attending staff on patient condition, getting direction for treatment, locating a specialist and collaborating with them, transmitting trauma information or images to Eds, prescribing or placing orders •Priority placed on the data first and the device second •Restrict physical access where possible, encrypt the rest
  • 13. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Prioritize Efforts to Fight ID Theft & Fraud •ID theft and fraud costs billions each year, affecting everyone •US CERT estimates 47% of cybercrime aimed at healthcare •Healthcare directed attacks have increased more than 20% a year for the last three years running •Identity theft incidents are rising and becoming more costly. –Insiders selling information to others –Hackers exploiting systems –Malware with directed payloads –Phishing for the “big” ones
  • 14. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Lose Assets, Not Data •1 in 4 houses is burglarized, a B&E happens every 9 minutes, more than 20,000 laptops are left in airports each year… •First rule of security: no one is immune •138%: the % increase in records exposed in 2013 •83%: the %of large breaches involving theft •6 –10%: the average shrinkage rate for mobile devices •Typical assets inventories are off by 60% “That’s a big number because its meant to drive home the point that unencrypted laptops and mobile devices pose significant risk to the security of patient information.” -Sue McAndrew, OCR
  • 15. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Lower Your Risk Profile •Defenses are not keeping pace •Three most common attacks: spear phishing, Trojans & Malvertising •APTs, phishing, water cooler attacks, fraud, etc. •Most organizations can’t detect or address these threats effectively •An advanced incident response capability is required •Results in losses of time, dollars, downtime, reputation, breaches, litigation, etc. •Conduct independent risk assessments regularly 0 50 100 Organizationssuffering a… Sophistication ofattack hardest… No increase inbudget for… Targeted Attacks “I feel like I am a targeted class, and I want to know what this institution is doing about it!” Anonymous Doctor
  • 16. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Manage The Cost of Security Discovery, Notification & Response Business Disruption ID Theft Monitoring Investigation/Review Law Suit Defense State Actions Federal CAP/RA Civil Penalties Criminal Penalties Insurance Degradation of Brand/Image Distraction of Staff Physician Alignment/Nurses and Staff Agreement Patient Confidence/Loyalty HCAPPS Score Impacts VBP Payments Impacts
  • 17. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Reduce Your Exposure •OCRs permanent audit program will resume in FY 2015 with new capabilities •Improvements and automation in reporting and handling complaints •Meaningful Use audits are evolving in scope and impact •The FTC remains committed to enforcement of privacy and security •Business associates will present new risks for covered entities •States continue to create new laws Covered entities and business associates must understand that security is their obligation. Sue McAndrew, OCR Single law in EU 2014 Two Laws seeking to unify requirements in US
  • 18. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Make The Investment •In a 2014 study HC CISOs gave themselves an average maturity rating of 4.35 on a scale of 1-7 •Many report missing critical technologies to fight today’s threats •More than half of healthcare entities spend less than 3% of their IT budget on data protection •Less than half have a full time CISO or information security manager •Many healthcare security managers are first timers OCRs investigation found that Concentra had recognized in its risk assessments that the lack of encryption created risks. They had taken steps to begin encryption, but efforts were incomplete and inadequate over time supposedly due to budget issues leaving assets vulnerable.
  • 19. A CHIME Leadership Education and Development Forum in collaboration with iHT2 What We Need Now •Enlightened leadership •Skilled personnel •Intelligence •Smarter rules •A better road map •Vigilance
  • 20. A CHIME Leadership Education and Development Forum in collaboration with iHT2 Today’s CISO Must… •Be a leader •Possess business acumen •Be comfortable managing risk •Be a team player •Be able to plan ahead •Be an effective communicator •Be able to drive process •Understand and apply psychology/sociology •Be politically savvy, and •Know privacy & security
  • 21. Q & A Mac McMillan mac.mcmillan@cynergistek.com (512) 402-8555 A CHIME Leadership Education and Development Forum in collaboration with iHT2 Insert Twitter handle(s) here