Understanding the Perfect Storm of Vulnerabilities to Manage Cyberthreats
IoT, Ransomware, Human Factors of Cybersecurity, and Data Protection
No matter how robust your organization's security stack is, vulnerabilities to intrusions still exist. Unmanaged cyberthreats can compromise your organization’s ability to perform its mission by putting critical assets, data, and services at risk. As more and more organizations move toward the cloud, keeping track of where sensitive data resides becomes increasingly difficult putting increasing pressure on data security teams. Melissa Lawlor, Director of Security GRC, of Hackensack Meridian Health, Dr. Mauricio Angee, Chief Security Officer, of the University of Miami, and Michael Ebert, Partner at Guidehouse Cyber Security Leader, discuss how healthcare organizations can competently manage critical privacy and security issues.
With 875 security breaches last year only, representing over 61 million health records, and with the advent of patients becoming more directly involved with their own healthcare via the Internet, often with at-home acute care biomedical censoring devices attached to the cloud — being and staying HIPAA compliant is not only a challenge, it’s not enough these days. Coupled with new hospital medical devices coming online daily, like thermostats, oxygen vaults and other similar equipment, understanding foundational security controls is paramount to managing privacy. This adds significant complexity in data collection and management associated with these devices.
All this complexity necessitates the need for solid and adaptable security plans that can be tested so that any vulnerabilities can be remediated quickly. Listen to the podcast or watch the full interview (below) to hear how technology is changing and how to adapt processes and systems in place to improve access management and privileged access management.
Watch the panel:
The Panel:
Mauricio Angee
University of Miami Health System
Dr. Mauricio Angée is a seasoned Certified Information Systems Security Professional (CISSP) with over 30 years of experience in healthcare, banking and financial services, and the government sectors, with a strong background in cybersecurity, information assurance, privacy, regulatory compliance, and risk management.
Melissa Lawlor
Hackensack Meridian Health
Melissa currently serves as the Director of IT Security GRC at Hackensack Meridian Health (HMH) where she is responsible for the design, development, and deployment of proactive security initiatives that contribute to an improved security posture for the organization. Before joining HMH, Melissa was a Director in KPMG’s Cyber Practice where she held many responsibilities, most notably as one of three National Quality Directors for Healthcare Security. During her time at KPMG, Melissa acted as HMH’s interim CISO leveraging her understanding of the business aspects of security to streamline processes and assist HMH with their transition from assessments to programmatic remediation initiatives.
Michael Ebert
Guidehouse
Michael is a partner in Guidehouse’s Advanced Solutions Cybersecurity practice, specifically in Healthcare and Life Sciences industries. He has substantial experience leading and coordinating healthcare regulatory compliance and IT advisory engagements, with a focus on cybersecurity and data privacy. He is experienced with various areas of healthcare & life science regulatory compliance, information management, and information security, with specialization in the fields of risk management and business enablement.