State of Security: Expert Insights on Cybersecurity Operations and the Business of Cyber

SOS2 - Redefining Healthcare Security: A Zero Trust Blueprint


Summary

In this episode, Rick Leib, Field CISO for Access Point Consulting, discusses the challenges and strategies for cybersecurity in healthcare organizations. He emphasizes the need for healthcare organizations to stop relying solely on perimeter security and to hire executives who can effectively sell security to the board and senior executive staff. Rick also highlights the importance of addressing legacy systems, managing medical devices securely, engaging third-party providers, and investing in information security. He recommends conducting risk assessments, practicing tabletop exercises, and involving executives in the security program. Additionally, Rick suggests considering the role of a virtual CISO to provide guidance and expertise.

Takeaways

  • Healthcare organizations should stop relying solely on perimeter security and invest in a multi-layered security approach.
  • Hiring executives who can effectively sell security to the board and senior executive staff is crucial for healthcare organizations.
  • Addressing legacy systems and managing medical devices securely are key challenges in healthcare cybersecurity.
  • Engaging third-party providers requires a thorough third-party risk management system.
  • Investing in information security, practicing tabletop exercises, and reinforcing the basics are essential for healthcare organizations.
  • Involving executives in the security program and considering the role of a virtual CISO can greatly enhance cybersecurity in healthcare organizations.

Chapters

00:00 Introduction

01:20 Challenges in cybersecurity for healthcare organizations

05:58 Managing medical devices in a secure way

07:50 Engaging third-party providers in healthcare

10:39 Importance of employee training in healthcare organizations

12:34 Ransomware and the need for proactive security operations

14:02 Securing medical devices through micro-segmentation

20:16 The importance of risk assessments and incident response plans

23:36 Investing in information security and practicing tabletop exercises

29:15 Reinforcing the basics and involving executives in security

32:06 The role of a virtual CISO in healthcare organizations

33:03 Conclusion and call to action

By Access Point Consulting