Privacy and IT security need to be working in lock step, and doing so gets a lot easier when they’re led by the same person. That’s exactly what happened at UChicago Medicine in September when Chief Privacy Officer Karen Habercoss assumed the additional role of CISO. Scroll down to watch or listen to the full […]
Cyber Ambassador Program Seeks to Extend the “Fabric” of Security, Says ChristianaCare CISO Anahi Santiago
In the face of growing cyber threats, ChristianaCare CISO Anahi Santiago is taking a bold approach to cybersecurity awareness and resilience. At the heart of her efforts lies the Cybersecurity Ambassador Program—a forward-thinking initiative designed to transform the health system’s workforce into a first line of defense against cyberattacks. This program not only enhances individual […]
Facing Onslaught of Attacks, Cyber Teams Balancing Resources Between Prevention & Response, KLAS Finds
Driven by the increasing interconnectivity of systems, the rising sophistication of attacks, and limited budgets, healthcare organizations are working to balance their cyber resource allocations, according to the recent KLAS report, Cybersecurity 2025: Organizations Assessing Their Cybersecurity Posture amid Rising Threats. A Balancing Act: Prevention and Preparedness Healthcare IT leaders face a complex dilemma: how to […]
HHS Issuing NPRM to Revamp HIPAA Security Rule
To enhance ePHI protections, address compliance gaps, and strengthen resilience against cybersecurity challenges, HHS is issuing a Notice of Proposed Rulemaking (NPRM) to bolster the HIPAA Security Rule. Adapting to a Transforming Digital Environment The last major revision to the HIPAA Security Rule occurred in 2013. Since then, the healthcare industry has experienced dramatic advancements […]
Collecting Cyber Vulnerability Metrics is Critical, But Communicating Them to Stakeholders in a Clear & Compelling Way is Key, Says H-ISAC Report
As the healthcare industry becomes more reliant on interconnected digital systems the importance of robust vulnerability management has never been more pronounced. A recent report by Health-ISAC, Vulnerability Metrics and Reporting, sheds light on best practices and strategies to strengthen cybersecurity in health systems. The Growing Challenge of Vulnerabilities The healthcare sector faces a growing number […]
Privileged Access Management a Critical Tool in CISO Arsenal, HISAC Report Says
In a healthcare ecosystem where data protection and access control are paramount, Privileged Access Management (PAM) emerges as a critical line of defense. According to the Health-ISAC report, “Privileged Access Management: A Guide for Healthcare CISOs,” PAM isn’t just another identity management tool; it’s the “bank vault” safeguarding an organization’s most sensitive information. Understanding PAM […]
Homograph Attacks in Healthcare: A Growing Cybersecurity Threat
Homograph attacks represent a sophisticated form of phishing that poses a critical threat to healthcare systems. By exploiting visual similarities between Latin and non-Latin characters, such as those in the Cyrillic script, cybercriminals create malicious domains that mimic trusted websites. According to the report issued by the HHS Office of Information Security and the Health […]
M&A Cyber Success Depends on Communication, an Honest Evaluation of Each Side’s Strengths & Risks, and an Open Mind
In the evolving healthcare landscape, mergers and acquisitions (M&A) have become a cornerstone strategy for health systems seeking operational efficiencies and expanded care delivery. However, the convergence of multiple organizations introduces a unique set of cybersecurity challenges. Greg Sieg, CISO for the University of Michigan Regional Health Network, provides valuable insights into managing cybersecurity during […]
Being Great at the Fundamentals & Building Strong Relationships are Keys to Preventing Cyber Incidents & Navigating Breaches
With cyber incidents a question of if, not when; fast detection and a smooth, coherent response are critical to minimizing the impact on patient care, according to panelists who participated in a recent healthsystemCIO Webinar, “Examining Cyber’s Role in the Development of Business Continuity Plans that Strengthen Operational Resilience.” The panel included Julian Mihai, CISO […]
Cyber Help Needed: KLAS Report Finds Many Health Systems Availing Themselves of Consulting & Managed Services to Stay Secure
When it comes to cyber, going it alone is a tall order for health systems. As such, many have turned to cyber consultants in an effort to keep the bad guys at bay. A recent report from KLAS, “Security & Privacy Consulting/Managed Services 2024” – co-authored by Ciera Black Walker and Jaren Day – delves […]