Summary

In this conversation, Geoff Hancock, Global CISO and Deputy CEO for Access Point Consulting, speaks with Rick Leib, Access Point’s Field CISO, discussing the importance of cybersecurity in healthcare organizations. They highlight the prevalence of ransomware attacks in the healthcare industry and the need for improved malware defenses and patch management.

Rick emphasizes the importance of separating IT and security departments and implementing a zero trust model. He also discusses the role of MSSPs in healthcare organizations and provides recommendations for 2024, including increasing malware resilience and security staffing. The conversation concludes with key takeaways, such as the need for executive commitment, talent and skills, prioritizing protection, and preparedness.

Takeaways

• Ransomware attacks are a significant threat to healthcare organizations, and improving malware defenses and patch management is crucial.
• Separating IT and security departments is essential to ensure proper focus on information security and compliance.
• Implementing a zero trust model can enhance cybersecurity in healthcare organizations.
• Engaging with MSSPs can provide expertise and guidance in managing cybersecurity risks.

Chapters

00:00 Introduction and the Need for Cybersecurity in Healthcare

01:08 Ransomware Attacks in Healthcare

03:21 Separating IT and Security Departments

04:51 Building Cyber Resilience in Healthcare Organizations

05:50 The Importance of Encryption and Third-Party Risk Management

08:40 Implementing a Zero Trust Model

10:35 Key Performance Indicators and Key Risk Indicators

11:30 Recommendations for 2024: Increasing Malware Resilience and Security Staffing

13:52 The Role of MSSPs in Healthcare Organizations

21:34 The Dangers of Focusing Solely on Compliance

23:29 Key Takeaways: Executive Commitment, Talent and Skills, Prioritizing Protection, and Preparedness

Learn more at accesspointconsulting.com.