Enhancing Cybersecurity Response in Healthcare
According to The Third Annual Study on the Cyber Resilient Organization by IBM Security and the Ponemon Institute, less than one-fourth of the 2800 respondents said they had a formal cybersecurity incident response plan (CSIRP). Also, a similar number expressed not having a Chief Information Security Officer (CISO) or security leader. Around half the respondents claimed to have an informal incident response plan or no plan in existence and more than three-fourths of the respondents highlighted the difficulty to recruit and retain IT security professionals.
Many healthcare organizations today also feel that the duration of incident resolution and the severity of attacks have increased. It is due to the rising sophistication of hackers.
The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) provides healthcare the framework required to build comprehensive resilience. The diversity within the healthcare industry landscape alongside the education and awareness about cybersecurity required challenges cybersecurity measures and the NIST CSF works at helping organizations of all sizes and types develop an iterative and dynamic cybersecurity risk management plan. NIST CSF Program Manager, Matt Barrett cited the 2017 WannaCry ransomware attack, highlighting the importance of maintaining cyber hygiene with regular patches.
As per recent CynergisTek report findings, almost half the healthcare entities (hospitals, clinics, payers, business associates, and ancillary facilities), exhibited compliance with NIST CSF controls. Most organizations have poor detection of potential cybersecurity threats, but machine learning and behavioral analytics are being perceived as having the potential to improve threat detection.
As per Ted Julian, the IBM Resilient VP of Product Management and Co-Founder, cybersecurity in healthcare requires assimilation of human and machine intelligence combating cybersecurity threats, with security personnel being armed with both technical tools and training.
By Tom Conophy, CIO, Staples Inc.
By Joe Touey, SVP, GSK North America Pharmaceuticals IT
By Eric Tamblyn, Global VP-Guru Managed Services, Genesys
By Charlie Isaacs, CTO, IoT, Salesforce
By Jonathan Rosenberg, VP & CTO, Collaboration, Cisco
By Dave Doyle, CIO & SVP, IT, Regal Entertainment Group
By Jeffrey Keisling, CIO and SVP, Pfizer
By Colin Boyd, VP & CIO, Joy Global Inc
By George Hines, CIO, Massage Envy
By Mark Jacobsohn, SVP, Booz Allen Hamilton
By Mike Gioja, CIO and SVP of IT, Product Management and...
By Nathan Johnson, SVP and CIO, Werner Enterprises [NASDAQ:...
By Darrell Edwards, SVP and Chief Supply Chain Officer,...
By Hannah Datz, VP Retail North America, SAP Hybris
By Marc Kermisch, VP & CIO, Red Wing Shoe Co.
By Robert Garrison, CIO, DTCC
By Mike Sakamoto, CTO, California Department of Health Care...
By Bradley Peterson, EVP & CIO, NASDAQ
By Steve Betts, SVP and CIO, Blue Cross and Blue Shield and...
By Kathryn Kai-ling (Ho) Frederick, EVP, Growth & Insights,...