The reality is that insider privacy breaches are going to happen. But if they’re managed quickly, delicately, and in cooperation with other stakeholders, the damage can be limited, according to our panelists. “It is possible if you can be proactive and establish relationships.”
The key to improving third-party risk management is in building and maintaining strong relationships – both with present and past vendors, said our panelists, who offered advice on how to better monitor data after a relationship has ended.
“At the end of the day, we’re here to support the organization’s objectives. That’s one of the things people don’t realize.” And it’s just one of many, according to a group of CISOs, who share insights on what leaders should and shouldn’t do to excel in the role.
Having a solution that can intelligently monitor access to patient records, combined with continuous education and awareness, can help healthcare organizations secure patient data – and more importantly, gain their trust, according to James Brady and Krista Fink of Fairview Health Services.
A key element in understanding the sanctions risks associated with ransomware payments is in understanding the threat actors and how they operate, says Mitch Parker, CISO at Indiana University Health.