Sign up to save your podcasts
Or
Share Q&A with Cleveland Clinic’s Director of Cyber Keith Duemling: Show the Business You’re an Ally
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Q&A with Cleveland Clinic’s Director of Cyber Keith Duemling: Show the Business You’re an Ally
Published December 2022 –
“Protecting workstations in their traditional form is not a technique that scales any longer,” says Keith Duemling, director of cybersecurity technology protection at the Cleveland Clinic. In this interview with healthsystemCIO Founder and Editor-in-Chief Anthony Guerra, Duemling talks about how he and his team of cybersecurity engineers have no small task tackling “the sheer magnitude and scale of security” at the clinic, which involves literally thousands of vendors. Third-party risk is a key trend to watch, but so is the increase in patient-owned devices being used for diagnostic purposes, Duemling says. “It’s really challenging because obviously you can’t deploy traditional tools onto someone’s privately owned device, but you are, to some degree, still responsible for the protection of their information, and certainly their protection when it comes to the care that they receive.” Ultimately, it requires building strong relationships in the enterprise and getting out in front of demand when it comes to IT.
LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE.
Bold Statements
“I think that that underscores the importance of maintaining a strong relationship with different areas of the organization, not just being there when they come to you with an ask, but really getting out in front of the demand and the need for IT services and cyber services and building those relationships.”
“ … that’s caused us to elevate the conversation of losing IT systems, less as an inconvenience and more towards the position of losing a piece of critical infrastructure within the hospital system.”
“I could see future legislation actually coming out that mandates that medical device, medical software vendors pursue one of a short list of frameworks so that it helps, at an industry level, to obtain that increased level of comfort.”
Guerra: Thanks for joining me.
Duemling: Absolutely. Thanks. Glad to be here.
Guerra: All right, Keith, do you want to start off by telling me a little bit about your organization and your role?
Duemling: Sure. I appreciate the time, Anthony. So I’m director of technology protection here at the Cleveland Clinic. Overall, I’m responsible for several teams of engineers who support a number of cybersecurity platforms that are used throughout our enterprise to protect our clinical business and research operations throughout North America and Europe. I’ve been with the Cleveland Clinic for going on five years, and prior to that I had about 13 years in healthcare at another organization in Northeast Ohio.
Guerra: Excellent. Tell us a little bit more about your career journey. I like to find out how people wound up in healthcare and IT security. It’s a pretty specific little niche to wind up in. So just take us through your career and how you wound up where you are.
Duemling: Sure, that’s a great question. Like most individuals, when I embarked on this journey, my intention wasn’t cybersecurity, to be honest, and it actually wasn’t even IT. After my time in the service with the US Army as a quartermaster, I started out studying to be a pharmacist and ultimately found my interest took me into technology.
And then from there, I dabbled with technology, and then made it my profession, and then made the switch to cybersecurity, probably I want to say going on almost 20 years ago, before it was actually considered cybersecurity,
View all episodes
By Anthony Guerra
5
33 ratings
Published December 2022 –
“Protecting workstations in their traditional form is not a technique that scales any longer,” says Keith Duemling, director of cybersecurity technology protection at the Cleveland Clinic. In this interview with healthsystemCIO Founder and Editor-in-Chief Anthony Guerra, Duemling talks about how he and his team of cybersecurity engineers have no small task tackling “the sheer magnitude and scale of security” at the clinic, which involves literally thousands of vendors. Third-party risk is a key trend to watch, but so is the increase in patient-owned devices being used for diagnostic purposes, Duemling says. “It’s really challenging because obviously you can’t deploy traditional tools onto someone’s privately owned device, but you are, to some degree, still responsible for the protection of their information, and certainly their protection when it comes to the care that they receive.” Ultimately, it requires building strong relationships in the enterprise and getting out in front of demand when it comes to IT.
LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE.
Bold Statements
“I think that that underscores the importance of maintaining a strong relationship with different areas of the organization, not just being there when they come to you with an ask, but really getting out in front of the demand and the need for IT services and cyber services and building those relationships.”
“ … that’s caused us to elevate the conversation of losing IT systems, less as an inconvenience and more towards the position of losing a piece of critical infrastructure within the hospital system.”
“I could see future legislation actually coming out that mandates that medical device, medical software vendors pursue one of a short list of frameworks so that it helps, at an industry level, to obtain that increased level of comfort.”
Guerra: Thanks for joining me.
Duemling: Absolutely. Thanks. Glad to be here.
Guerra: All right, Keith, do you want to start off by telling me a little bit about your organization and your role?
Duemling: Sure. I appreciate the time, Anthony. So I’m director of technology protection here at the Cleveland Clinic. Overall, I’m responsible for several teams of engineers who support a number of cybersecurity platforms that are used throughout our enterprise to protect our clinical business and research operations throughout North America and Europe. I’ve been with the Cleveland Clinic for going on five years, and prior to that I had about 13 years in healthcare at another organization in Northeast Ohio.
Guerra: Excellent. Tell us a little bit more about your career journey. I like to find out how people wound up in healthcare and IT security. It’s a pretty specific little niche to wind up in. So just take us through your career and how you wound up where you are.
Duemling: Sure, that’s a great question. Like most individuals, when I embarked on this journey, my intention wasn’t cybersecurity, to be honest, and it actually wasn’t even IT. After my time in the service with the US Army as a quartermaster, I started out studying to be a pharmacist and ultimately found my interest took me into technology.
And then from there, I dabbled with technology, and then made it my profession, and then made the switch to cybersecurity, probably I want to say going on almost 20 years ago, before it was actually considered cybersecurity,
More shows like healthsystemCIO.com
View all
Acquired
3,946 Listeners
The Daily
111,562 Listeners
SmartLess
57,908 Listeners
This Week Health: Newsroom
26 Listeners