This Week Health

62 minutes.

That’s the average amount of time it takes for threat actors to “fully get a foothold” into a system and gain access to data, according to Steven Ramirez. “You basically have an hour.”

For an integrated health network like Renown Health – or any healthcare organization, for that matter – it’s not a lot of time. That’s the challenge facing cybersecurity leaders; meeting it, as we’re learning, requires not just sophisticated tools and methods, but also a bit of storytelling.

“You can never let your guard down,” he said. “We need to keep that methodology to adhere to our structure, mission and values, and our strategic plan. This is where we’re going, and cyber is an imperative to support all of that.”

Steven Ramirez

For CISOs or CISTOs (Chief Information Security & Technology Officers), as in his case, it has become increasingly vital to be able to communicate the importance of continuously investing in cybersecurity initiatives. During a recent Unhack the Podcast episode, Ramirez spoke about his approach to selling cyber, and the multilayered, rapidly evolving strategy Renown is leveraging to secure data.

Layered defense

The ultimate goal is simple, relatively speaking: “Keeping us out of the papers,” he said. “From an ROI perspective, it’s been fairly easy to justify the why. Our executives know that this threat isn’t going away,” and can provide the support needed to deliver on their mission. 

What has also been critical is his solid relationship with CIO Chuck Podesta, who has consistently “championed” cybersecurity by serving on committees with Ramirez and presenting to the Board.

“He’s very security focused, which makes my job easier,” he noted. “Our thought process is to show the big picture of where we are from a maturity standpoint and where we’re going over the next three years.”

One of the pillars of that three-year strategy is identity threat detection and response. “The more you can do on the endpoint before they get to our crown jewels, the better,” Ramirez said. However, it isn’t always feasible to keep attackers outside the perimeter, which is where deception technology can play a key role by diverting bad actors. “It’s like throwing a few $20 bills outside the bank to slow them down before they get in,” he said. “It’s a very underutilized technology,” and one that can buy extra minutes. “Because again, time is of the essence. So you really need that layered defense.”

It also takes some of the heat off his team, who are often bogged down with day-to-day responsibilities. “We think AI can do some great stuff here,” along with telemetry monitoring and other cutting-edge tools that can help Renown live up to the mantra of ‘prepare, fortify, combat,’ he added. “That’s how we’re going to tackle a lot of the core fundamentals of security.”

Act first

Another one of those fundamentals is response, which has become increasingly critical given the uptick in cyberincidents in recent years. “No matter how good your ‘secret sauce,’ no organization is bulletproof,” Ramirez said. To that end, Renown is looking at Privileged Access Management and Zero Trust solutions to help prevent – or at least, significantly reduce – authorized access to data and services. “We’re putting in some pretty cool technology that’s going to help operationalize our approach.”

Another key part of that strategy? Empowering the security operations center (SOC) to not just identify potential breaches, but act on them. “The idea is, instead of my SOC manager telling me something is going on, let’s just kill that activity,” he said. “If you see it, take care of it, and then we’ll regroup.”

When it comes to response and resiliency, Ramirez believes Renown – as well as the entire industry – is merely “scratching the surface” in terms of how technology can be leveraged to create safer environments. As more metrics are created and placed into dashboards, teams will have access to more and better information.

“There’s a lot of information we can get from endpoint detection and response systems,” noted Ramirez. “We’re making good investments in technologies like threat intelligence – how can we boil that down to make sense for dark web monitoring, compliance, risk management, and the resiliency piece?”

It’s a question his team will continue to focus on in the months (and years) ahead. “I think we’ve done a great job in vulnerability management, but there’s more to be done.”

Meet the Author

Kate Gamble

Managing Editor - This Week Health

Kate Gamble is the Managing Editor at This Week Health, where she leverages nearly two decades of experience in healthcare IT journalism. Prior to joining This Week Health, Kate spent 12 years as Managing Editor at healthsystemCIO, where she conducted numerous podcast interviews, wrote insightful articles, and edited contributed pieces. Her true passion lies in building strong relationships with healthcare leaders and sharing their stories. At This Week Health, Kate continues her mission of telling the stories of organizations and individuals dedicated to transforming healthcare.

Explore Related Content 

Contributions

Want more from this Interview? Enjoy the fulll episode on your favorite listening platform

Healthcare Transformation Powered by Community

© Copyright 2024 Health Lyrics All rights reserved