healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.
Health systems today face increasing odds of a breach, and that’s what drives Rishi Tripathi, CISO at Mount Sinai Health System in New York City. “There is an opportunity for us to step up and do a far better job than we do protecting our banks or factories, because this is literally life and death.”
The ultimate challenge for a CISO is to get all of an enterprise’s stakeholders to recognize that IT is not just in the security game to protect the data, it has the organization’s bottom line and care outcomes at heart, says Michael Carr, VP, CTO and CISO at Health First.
The first and most important question for CISOs to ask is, “Am I risk aligned with the place where I work?” If not, they might be swimming upstream as they promote a culture of security that the organization doesn’t embrace, says Aaron Weismann, CISO with Main Line Health.
Longo, who feels healthcare CISOs must have a ‘business-enabling’ approach, says going slow and saying no is never an option.
Bhaduri says security executives serve their organizations well by having a deep understanding of their technical environment, aligning with the business through sound governance, and communicating a clear risk picture to inform decision making that adheres to the guidance provided by the CISO.
