This Week Health

Top 5 issues facing Healthcare CIOs. Today, #2 Cybersecurity.

Transcript
Speaker:

Today in health.

Speaker:

It, this story is the second item of our top of mind issues for healthcare CEOs.

Speaker:

Cybersecurity.

Speaker:

My name is bill Russell.

Speaker:

I'm a former CIO for a 16 hospital system and creator of this week in health.

Speaker:

It.

Speaker:

A channel dedicated to keeping health it staff current and engaged.

Speaker:

Just quick reminder, this time.

Speaker:

Very quick.

Speaker:

We have four shows for next year, this week health news to stay current.

Speaker:

This week health conference for keynote interviews and emerging products.

Speaker:

This week health community, where we hear from you about interesting solutions

Speaker:

to the problems facing healthcare from the people who are solving them.

Speaker:

And finally this week health academy, where you can go or send people to learn

Speaker:

about the intersection of technology and healthcare, you can sign up at this week.

Speaker:

health.com/shows.

Speaker:

All right.

Speaker:

We said, we're going to run through this week.

Speaker:

The top five.

Speaker:

Top of mind issues.

Speaker:

For CEO's from the conferences I was at recently doing interviews

Speaker:

and having conversations.

Speaker:

Those were labor, cyber, digital automation, and caravan use we'll cover

Speaker:

the next three over the next three days.

Speaker:

We covered labor yesterday.

Speaker:

And went into detail on the battle for staff and retention.

Speaker:

Today's cybersecurity.

Speaker:

2020.

Speaker:Or:Speaker:

It's hard to really determine where this actually happened, but let's just

Speaker:

say over the last 24 months, It felt like a scene from the garden of Eden.

Speaker:

We ate the apple and we found out we were naked exposed at

Speaker:

risk healthcare is vulnerable.

Speaker:

There were warnings clearly before that there was one a cry.

Speaker:

Was a wake up call, but it wasn't until hospitals started being held hostage.

Speaker:

And being taken offline for days that we started to realize that there was

Speaker:

more involved here than a slight ding to our reputation or a small fine.

Speaker:

I'm not saying that it wasn't aware of the risk before, but we couldn't

Speaker:

sell it at most of the health systems.

Speaker:

The events of the past 24 months gave us credibility.

Speaker:

In our claims that the sky actually was falling.

Speaker:

No longer was the, Cisco.

Speaker:

. Chicken little

Speaker:

the worst had actually come to pass and we were right.

Speaker:

But you know what?

Speaker:

It's not that great being right systems went down sometimes for weeks at a time.

Speaker:

And sometimes with data loss that will never be recovered.

Speaker:

There was at least one incident that claimed that a cyber

Speaker:

event had caused a death.

Speaker:

Again, not that neat being right.

Speaker:

So what now you don't want me to recount all the incidents, Skylake

Speaker:

scripts and countless others that may not have been as prominent.

Speaker:

I've told you that I would cover these by putting my CIO hat back on.

Speaker:

And telling you how I would be approaching this challenge today.

Speaker:

If I were in the chair.

Speaker:

Let me start by saying this.

Speaker:

There is no one size fits all solution here.

Speaker:

My listeners come from health systems with thousands of it,

Speaker:

staff to Jess, 20 it staff.

Speaker:

These call for different tactics, different investments, and AMC

Speaker:

may have risks that a single hospital CIO may not have.

Speaker:

So let's explore some of the common things before I explore

Speaker:

some of the distinct challenges.

Speaker:

All right.

Speaker:

I think the approach I would take right now is we are under attack.

Speaker:

At all times we are under attack.

Speaker:

That is our posture.

Speaker:

And that is what I would take from this day forward.

Speaker:

Every day being treated as we're under attack.

Speaker:

Let's have our standup calls.

Speaker:

Let's have all those procedures in place.

Speaker:

Where we are treating it.

Speaker:

Like we are under attack today.

Speaker:

Do we have our defenses in place?

Speaker:

Do we know what's going on?

Speaker:

Which brings me to my second item here, which is, I would know the threats.

Speaker:

No who's after the information that you have know who's going to benefit the most

Speaker:

from shutting down your health system.

Speaker:

No.

Speaker:

The tactics that they're using stay current on their approaches and how they

Speaker:

are infiltrating systems like yours.

Speaker:

The third thing is assess your defense.

Speaker:

So really assess them.

Speaker:

You have to be honest at this point.

Speaker:

One of the things that I found over the years is that people will say

Speaker:

things like we're all vulnerable.

Speaker:

That's great.

Speaker:

And that all may be true, but at the end of the day, you have to

Speaker:

honestly assess your defenses.

Speaker:

And I'm going to come back to this in a little bit.

Speaker:

And talk about what you do with that honest assessment.

Speaker:

But at this point, Really look at it.

Speaker:

Ask yourself, the question, are we vulnerable?

Speaker:

Don't just say well, everyone's like this.

Speaker:

No.

Speaker:

How vulnerable are you?

Speaker:

How prepared are you?

Speaker:

And you have to have that assessment done.

Speaker:

And it has to be honest, if you need a third-party to do

Speaker:

it, which in most cases we do.

Speaker:

Have that done by the third party?

Speaker:

Number four assume they are already in your network.

Speaker:

And at that point, Understand your ability to identify their

Speaker:

movements from within your network.

Speaker:

Assume they're in because they probably are.

Speaker:

Already in your network and understand that this capability

Speaker:

of identifying what they're doing.

Speaker:

And how they're moving within your network is a must have moving forward.

Speaker:

The next thing I would say is assume you will be completely ransomed at

Speaker:

some point and plan accordingly.

Speaker:

All right.

Speaker:

So there's enough information out there.

Speaker:

We do a great webinar.

Speaker:

With the people from sky lakes, the CIO was kind enough to come on and

Speaker:

share his experience in some detail.

Speaker:

So if you want to know what it's going to feel like.

Speaker:

He shares what it feels like.

Speaker:

And what goes on in those first couple of minutes of the cyber

Speaker:

attack as you're watching systems just shut down one after another.

Speaker:

Not being able to gain access to your systems and having to rely

Speaker:

on vendors that you previously had worked with, but they're part of your

Speaker:

cybersecurity insurance contract.

Speaker:

And so they come in and actually ask you to step away from

Speaker:

the keyboard while they do

Speaker:

they're forensics on the event itself.

Speaker:

If you have that information assume you're going to be ransomed.

Speaker:

What is your plan to come back online?

Speaker:

What is your plan?

Speaker:

Are you going to pay the ransom?

Speaker:

Are you not going to pay the ransom?

Speaker:

Are you going to start a recovery?

Speaker:

Do you have the systems in place?

Speaker:

Have you air gapped your backups?

Speaker:

Is it enough to air guy, your backups?

Speaker:

Do you have immutable backups?

Speaker:

It's a, is it enough to have immutable backups?

Speaker:

What, what is going to work and what is not going to work.

Speaker:

But plan accordingly, you're going to get ransomed plan accordingly.

Speaker:

That's how I would be thinking about it right now as a CIO.

Speaker:

All right, let's move on.

Speaker:

So from the point of an honest assessment plan, your investments wisely.

Speaker:

Acknowledge what you can and cannot do well.

Speaker:

And I'm going to get to this in a little bit, but the smaller

Speaker:

health systems, there's an awful lot of things you cannot do well.

Speaker:

And you're going to want to look outside your four walls for some

Speaker:

help, and who's going to help you.

Speaker:

Today to prepare for an event and in the future, if you actually have

Speaker:

an event so acknowledge what you can and cannot do well and go find help.

Speaker:

Second thing is be open and honest with the executive team.

Speaker:

And the board went asked.

Speaker:

Hide nothing from the leadership.

Speaker:

You don't want to be found, hiding important information from those that

Speaker:

could have made a difference that can make the investments to shore

Speaker:

up your foundation in your system.

Speaker:

I wouldn't want to be that CIO.

Speaker:

Who's trying to explain.

Speaker:

Why they did not have an honest assessment or why they withheld any

Speaker:

information about that environment?

Speaker:

Honest open here's where we're at.

Speaker:

The executive team needs to be brought into the loop.

Speaker:

The governance team needs to be brought into the loop.

Speaker:

So that they can determine what the risk is to the organization

Speaker:

and what needs to happen.

Speaker:

So that's table stakes.

Speaker:

I assume everyone knows that.

Speaker:

I just wanted to say it again out loud.

Speaker:

And then the next thing is ask for help, seek help, be open to help.

Speaker:

This is not the kind of thing.

Speaker:

That every health system is going to have the resources and the wherewithal.

Speaker:

We need to utilize the resources that are out there.

Speaker:

That are designed to help us and designed.

Speaker:

To bring us together as a community to fight this.

Speaker:

This threat.

Speaker:

All right.

Speaker:

The next thing I would say is planted complete strategy.

Speaker:

I remember standing at a conference, listening to CISOs share.

Speaker:

And person after person talked about their education program.

Speaker:

And while I was impressed with the programs they had

Speaker:

developed, I couldn't help.

Speaker:

But to think how unsophisticated the approach was to cybersecurity.

Speaker:

You have to prevent, detect, remediate and recover.

Speaker:

And that's not even a complete list of the things that need to

Speaker:

be discussed and planned for.

Speaker:

My point being you can't have a single threaded approach to cybersecurity.

Speaker:

It needs to be multifaceted.

Speaker:

You need a technology layer, you need a people and education layer.

Speaker:

You need a remediation layer, you need a recovery layer.

Speaker:

You need all those things in place.

Speaker:

If you are going to be able to be effective in the world

Speaker:

that we currently live in.

Speaker:

All right, let me get moving here.

Speaker:

I'm running out of time.

Speaker:

So next thing I would say is no, what your contracts say?

Speaker:

It's interesting.

Speaker:

How many times this came up in conversations, post breach event?

Speaker:

I didn't realize what my BAA agreement actually called for.

Speaker:

I didn't realize what my cybersecurity policy gave power.

Speaker:

During an incident to others and called for me to utilize

Speaker:

companies, I wasn't familiar with.

Speaker:

We didn't have an agreement that protected us from an incident

Speaker:

at our community connect site.

Speaker:

It's things like that, know what your contracts say?

Speaker:

Those are just a few stream of consciousness.

Speaker:

Thoughts . Let me address some of the specifics for smaller players.

Speaker:

You can't do this on your own.

Speaker:

You have to find the right partners that can help you to

Speaker:

build a sustainable program.

Speaker:

You can't do it with one cyber person and an engineer.

Speaker:

It's not even remotely possible line up the players that can

Speaker:

help you get them lined up today.

Speaker:

Prior to an event.

Speaker:

For an AMC, you have to be aware that nation states want the

Speaker:

information that your research teams are working on nation states.

Speaker:

You know, the ones.

Speaker:

The, the ones I'm talking about, the ones with well-funded armies of cyber

Speaker:

specialists, the tactics are varied.

Speaker:

And while a traditional phishing attack may not work in this

Speaker:

case, they have other ways.

Speaker:

And in those cases, you have to be tracking the motion of critical

Speaker:

information around your network.

Speaker:

You have to have complete visibility into the motion of your

Speaker:

critical data assets at all times.

Speaker:

This is going to serve you well, since attacks are no longer just

Speaker:

being initiated from afar, disgruntled employees are now offered money

Speaker:

to get back at their employers.

Speaker:

Place this code on your network and we will take care of the

Speaker:

rest ransomware as a service.

Speaker:

Oh.

Speaker:

And by the way, if we successfully ransom your organization, we will

Speaker:

give you a cut of the cryptocurrency.

Speaker:

You have to track the movement of the data.

Speaker:

In order to do that, you have to have a very accurate data inventory as well.

Speaker:

All right.

Speaker:

As I said this is going to be exhausted.

Speaker:

I just wanted to share a few thoughts.

Speaker:

This is top of mind for CEOs and it should be, it should have been

Speaker:

for CEOs and it should have been.

Speaker:

Probably for at least the last decade.

Speaker:

Now we know.

Speaker:

So let's try to make 20, 22, a transformative year in this area.

Speaker:

All right.

Speaker:

That's all for today.

Speaker:

If you know someone that might benefit from our channel,

Speaker:

please forward them a note.

Speaker:

They can subscribe on our website this week out.com or wherever you

Speaker:

listen to podcasts, apple, Google, overcast, Spotify, Stitcher.

Speaker:

You get the picture.

Speaker:

We want to thank our channel sponsors who are investing in our mission to develop

Speaker:

the next generation of health leaders.

Speaker:

VMware Hill-Rom Starbridge advisors, McAfee and Aruba networks.

Speaker:

Thanks for listening.

Want to tune in on your favorite listening platform? Don't forget to subscribe!

Thank You to Our Show Sponsors

New Shows for 2022

Insights - This Week Health
This Week Health Town Hall
Keynote - This Week HealthSolution Showcase This Week Health
Newsday - This Week HealthToday in Health IT - This Week Health

Related Content

1 2 3 135

Amplify great thinking to propel healthcare forward and raise up the next generation of health leaders.

© Copyright 2022 Health Lyrics All rights reserved