healthsystemCIO.com

Most CISOs understand that one of their key phone calls after a ransomware incident will be to the FBI, but what they may not appreciate is that it shouldn’t be their first to that organization. That’s because the emergency call will be much more effective, and the response much more efficient, if a relationship has […] Source: Q&A with Alan McHugh, Chief, FBI Cyber Division, Cyber Crime Tactical Intelligence Unit: “The Time to Call the FBI is Now” on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

One the main keys to success in any business is focusing on certain products and services to the exclusion of others – to draw a circle in the sand and say, ‘We play in these areas, and in them we will be the best.’ If an organization can’t be great at something that others are doing better, it may be time to reallocate those resources. For Damon Auer, the time for health systems with hospitals at their core to decouple from the ambulatory/retail space is now. It’s a bold prediction, driven by the observable fact that new entrants into that space are providing an Amazon-like experience which established, acute-centric organizations can only dream about. In this Partner Perspective interview with healthsystemCIO Founder and Editor-in-Chief Anthony Guerra; Auer, Chief Executive & Managing Director, North America, Dedalus Group, discusses these issues and many more. Source: Partner Perspective: Most Health Systems Should Initiate ‘Conscious Decoupling’ from Ambulatory/Retail Care on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

Your organization needs cyber insurance. Why? Over 80% of organizations experienced at least one successful phishing attack in 2021, and 54% experienced a cyberattack in the last 12 months. Considering the average cost of a data breach was $4.35 million in 2022 – and even higher in the healthcare industry at $10.1 million – cyber insurance is a business concern that urgently needs your attention. But getting and keeping cyber insurance coverage is increasingly challenging in today’s market – as is getting your claims approved. And even when your claim is approved, you may have insufficient coverage to compensate you. Only 19% percent of organizations have cyber insurance coverage over $600,000, while the average ransomware payment in 2021 was over $810,000. In this timely webinar, we'll hear from leaders about how they are tackling the cyber insurance challenge. Source: Understanding Your Cyber Insurance Needs & Keys to Obtaining Coverage on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

Busy CISOs working in healthcare never lack actionable threat intelligence. What they need is to quickly find the signal within the noise of cybersecurity alerts – and then effectively remediate risks and vulnerabilities before they can compromise PHI and other sensitive healthcare data. The talent shortage in cybersecurity has left many in-house security teams understaffed and overwhelmed, especially when it comes to cloud-based workloads. That's why our panel of healthcare security leaders are ready to share their insights on optimizing governance, policies, and tools, including software and managed services, to not only patch apps but proactively hunt threats. In this timely webinar, hear from security leaders who are focused on leveraging all appropriate tools to keep their organizations up and running. Join us to dive into the crucial topic of Mean Time to Respond/Remediate (MTTR), an obstacle healthcare CISOs must overcome daily.  Source: Keys to Minimizing Threat Alert to Remediation Time on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

Email is the lifeblood of any organization, with thousands coming in every day. It’s also the number one attack vector. Unfortunately, even the best filtering tools miss between 7 and 10 percent of the spam that CISOs would love to see caught. That puts the onus on employees to manually filter the rest. It’s for […] Source: Q&A with Rebecca Kennis, CISO, Arnot Health: My One Number Job is Creating a Culture of Security on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

Email is both the lifeblood of an organization's communications and -- for that very reason -- the number one vector cyber criminals are leveraging to wreak havoc. To protect email, smart organizations are using a combination of employee education, process improvement and tools (including role-based personas) to prevent people from falling for phishing attacks. But it's not as simple as locking everything down, because any steps that decrease the deliverability of legitimate emails cause a negative impact on operations, and possibly patient care. In this timely webinar, we'll speak to leaders who are focused on doing everything possible to ensure that authentic email -- and only that -- gets delivered intact and on time. Source: Strategies for Enhancing Email Security While Ensuring Deliverability on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

“No one sits you down and teaches you how to look at data,” said Linda Stevenson, CIO at Fisher-Titus. In a recent interview, she spoke about the need for ongoing training, the “cybersecurity by committee” approach her team is taking, the challenges facing rural healthcare leaders, and how her yoga training has paid off. Source: Q&A with Fisher-Titus CIO Linda Stevenson: “Every Conversation, Every Project Starts with Why.” on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

Most IT executives know that, despite taking all prudent measures, breaches are going to happen. And these days those breaches are sometimes followed by lawsuits (recently reaching class-action status). Even short of lawsuits, OCR or another entity could always come calling for one reason or another, demanding an intense look around. So what's a CIO or CISO to do? Skate to the puck, that's what. In this timely webinar, we'll hear from leaders who have put time and energy into understanding the complexities of securing patient data as well as running the kind of IT shop that can respond to audit inquiries while continuing to protect the enterprise. Source: Keys to Running an Audit-Ready IT Shop on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

Though the exact order may differ, almost every CIO & CISO will say that medical device security is one of their top three concerns. And those who have made little headway with this challenge will confess that a tool alone -- absent sound governance & sensible policies -- won't solve the problem. That's because reducing medical device security risks to a point that everyone can sleep at night is dependent on IT, IT security and biomed/clinical engineering all working together, with actions like product security reviews, equipment purchasing and patching all happening in the right sequence and with the right collaboration. In this webinar, we'll hear from leaders who are well versed in the optimal governance structures that, when combined with the right tools, can reduce medical devices security risks in a systemic and sustainable way. Source: Grounding Your Medical Device Security Program in Good Governance on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.

Randall “Fritz” Frietzsche has been on a mission to protect and serve for a long time. Way back when, it was in traditional law enforcement as a deputy sheriff. Later, as he embraced his technical acumen, it was in cybersecurity. But Frietzsche, Enterprise CISO for Denver Health, attests that all the technical chops in the […] Source: Q&A with Denver Health Enterprise CISO Randall “Fritz” Frietzsche: “Building Relationships & Mastering Communication are Keys to CISO Effectiveness” on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.