Sign up to save your podcasts
Or
Share Q&A with Steward Health Care CISO Esmond Kane: “Ransomware Actors Are Also Innovating”
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Q&A with Steward Health Care CISO Esmond Kane: “Ransomware Actors Are Also Innovating”
Published January 2023 –
Two or three healthcare organizations a day are falling victim to a ransomware attack, according to Esmond Kane, chief information security officer (CISO), of Steward Health Care and former CISO for Harvard. The way to fight that is to use creativity, perseverance and innovation, he says. And keep in mind, the bad guys are also innovating at the same time you are. In this interview with healthsystemCIO Founder and Editor-in-Chief Anthony Guerra, Kane discusses the increasingly challenging role of the CISO and how he uses behavioral questions to find the right candidates for his team. Credentials and HR screening will not always reveal the best choice, but finding out how passionate someone is at their hobbies just might. And when it comes to the board, never tell them you can keep your institution 100 percent safe, because that’s not reality, Kane says.
LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE.
Bold Statements
“I want people to understand probability because with the pace of change, sometimes, of the threat actors coming at us, you may never get to 100% certainty.”
“ … there is an analogy sometimes that we have to get cybersecurity right 100% of the time, and the bad guys only have to get it right once. That’s a recipe for self-destruction.”
“It’s far too easy to enter analysis paralysis, it’s far too easy to think that the latest and greatest software solution is going to solve the problem for you. My values, the programs that I build, are based upon doing the right thing, minimizing regret, and making sure that what you’re doing is future proof.”
Guerra: Thanks for joining me.
Kane: No problem. Anthony, thank you for the invitation. I look forward to our conversation.
Guerra: Very good. Esmond. Can you start off by telling me a little bit about your organization and your role?
Kane: So I’m the chief information security officer for a multinational healthcare delivery organization called Steward Health care. We’re in nine states domestically in the US. We’re in four countries internationally. There’s about 40 or so hospitals nationally, and then about 10 hospitals and clinics internationally. It’s big.
Guerra: It’s big. Yes, it definitely sounds big. Can you tell me a little bit about your career path? How you wound up in healthcare security, that type of thing?
Kane: That’s an interesting question. So I started down the IT track, I was a geek for lack of better expression in the west coast of Ireland, which wasn’t necessarily known for some of its technical aptitude. And I certainly found it very limiting. So when I made my way to the big cities for college, I started to really find my feet in a technical aspect and gravitated towards IT professions. I had my own stint as an entrepreneur. And then I fell into working in the States, fell into the path a lot of other IT practitioners do, working their way up from the help desk, desktop, you know, networking, then into a management role.
And then about 10 or 15 years ago, closer to 15, I was very lucky to be headhunted by the then CISO for Harvard University, where I was working. And he was very appreciative of the program I had built in one of the divisions in Harvard, and he said, “Listen, I want you to come do that for me and do it for all the rest of the school.” So I sat down with my wife, I had a young family at the time,
View all episodes
By Anthony Guerra
5
33 ratings
Published January 2023 –
Two or three healthcare organizations a day are falling victim to a ransomware attack, according to Esmond Kane, chief information security officer (CISO), of Steward Health Care and former CISO for Harvard. The way to fight that is to use creativity, perseverance and innovation, he says. And keep in mind, the bad guys are also innovating at the same time you are. In this interview with healthsystemCIO Founder and Editor-in-Chief Anthony Guerra, Kane discusses the increasingly challenging role of the CISO and how he uses behavioral questions to find the right candidates for his team. Credentials and HR screening will not always reveal the best choice, but finding out how passionate someone is at their hobbies just might. And when it comes to the board, never tell them you can keep your institution 100 percent safe, because that’s not reality, Kane says.
LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE.
Bold Statements
“I want people to understand probability because with the pace of change, sometimes, of the threat actors coming at us, you may never get to 100% certainty.”
“ … there is an analogy sometimes that we have to get cybersecurity right 100% of the time, and the bad guys only have to get it right once. That’s a recipe for self-destruction.”
“It’s far too easy to enter analysis paralysis, it’s far too easy to think that the latest and greatest software solution is going to solve the problem for you. My values, the programs that I build, are based upon doing the right thing, minimizing regret, and making sure that what you’re doing is future proof.”
Guerra: Thanks for joining me.
Kane: No problem. Anthony, thank you for the invitation. I look forward to our conversation.
Guerra: Very good. Esmond. Can you start off by telling me a little bit about your organization and your role?
Kane: So I’m the chief information security officer for a multinational healthcare delivery organization called Steward Health care. We’re in nine states domestically in the US. We’re in four countries internationally. There’s about 40 or so hospitals nationally, and then about 10 hospitals and clinics internationally. It’s big.
Guerra: It’s big. Yes, it definitely sounds big. Can you tell me a little bit about your career path? How you wound up in healthcare security, that type of thing?
Kane: That’s an interesting question. So I started down the IT track, I was a geek for lack of better expression in the west coast of Ireland, which wasn’t necessarily known for some of its technical aptitude. And I certainly found it very limiting. So when I made my way to the big cities for college, I started to really find my feet in a technical aspect and gravitated towards IT professions. I had my own stint as an entrepreneur. And then I fell into working in the States, fell into the path a lot of other IT practitioners do, working their way up from the help desk, desktop, you know, networking, then into a management role.
And then about 10 or 15 years ago, closer to 15, I was very lucky to be headhunted by the then CISO for Harvard University, where I was working. And he was very appreciative of the program I had built in one of the divisions in Harvard, and he said, “Listen, I want you to come do that for me and do it for all the rest of the school.” So I sat down with my wife, I had a young family at the time,
More shows like healthsystemCIO.com
View all
Acquired
3,946 Listeners
The Daily
111,562 Listeners
SmartLess
57,908 Listeners
This Week Health: Newsroom
26 Listeners