Extending The Enterprise Through Telehealth Programs…
Slide Deck: http://goo.gl/eTS9nQ
Webex Support 1-866-229-3239
Event #667 139 752
“Privacy/Security Spotlight: Network Security and Best Practices Regarding the
Internet of Things in a Health System”
A Complimentary Webinar From healthsystemCIO.com
Sponsored by Proofpoint
Your Line Will Be Silent Until Our Event Begins at 12:00 ET
Thank You!
Housekeeping
• Moderator – Anthony Guerra, editor-in-chief, healthsystemCIO.com
• Ask A Question
• We will be holding a Q&A session after the formal presentations.
• You may submit your questions at any time by clicking on the QA panel located in the lower right corner of your screen, type in your questions in the text field and hit send. Please keep the send to default as “All Panelists.”
• Download the Deck
• Download today's deck at: http://healthsystemcio.com/presentation/internet-of-things-webinar.pdf
• Shortened URL at bottom of all slides
• View the Archive
• You will receive an email when our archive recording is ready.
• Separate registration is required.
Agenda — Approximately 45 Minutes
• 25-30 minutes: St. Luke's Cornwall Hospital VP/CIO Cletis Earle
• 5 minutes: A Word From Our Sponsor: Joe Diamond, Director of Products, Proofpoint
• 10-15 minutes: Q&A w/Cletis Earle
Privacy/Security Spotlight: Network Security and Best Practices Regarding
the Internet of Things in a Health System
Breach Mitigation
• You may already be breached, and don’t know it! (BE PREPARED)
• How many organizations can claim they are 100% protected from cyber threats?
• Attack Vector Threshold
• Network vulnerability
• Hardware theft and Loss
• Malware, Encrypted Botnet
• Mobile App and Devices
• Medical device
• ETC
Breach - an infraction or violation, as of a law, trust, faith, or promise
Mitigation - the act of lessening the force or intensity of something unpleasant, as wrath, pain, grief, or extreme circumstances
Breach Identification Timeline
• Discovery: 1 month
• Due Diligence: 4 months
• Remediation: forever
Cyber Insurance
• Limits – any one claim and in the aggregate inclusive of claims expenses
• Main Aggregate Policy Limit
• Sub-Limits
• Crisis Management, Customer Notification Expenses, Customer Support and Credit Monitoring
• Privacy Regulatory Defense and Penalties
• Forensic Costs – per claim
• Content Injury / Media Wrongful Acts
• Network Security / Privacy Liability
• Data Recovery and Business Interruption
• Cyber Extortion
• Main Policy Deductible:
• Cyber Extortion
• Data Recovery and Business Interruption
• Crisis Management
• Forensic Expenses
• Breach Response
• Gross Premium
• Additional Premium to include Business Interruption
Lessons Learned
• Chain of Custody Policy
• Data in motion/Data in flight
• Data Loss Prevention
• Endpoint Encryption (various devices)
• Cyber Insurance (Compliance)
• Constant Revision of “Battle Plan” as new technologies are introduced
Countermeasure General Strategy
• Remove the asset
• Separation of duties
• Authenticate, authorize, and audit
• Layering
• Adaptive enhancement
• Orderly failure
• Policy and training
• Simple, cheap and easy
Remove Asset
• Frequently misunderstood measure
• Remove targeted information from the equation
• Question the need to have SS#s or PCI data
• If not truly needed for the operations of the business, have it removed
• Web portals are easy targets
• If sensitive data can be limited, then don't capture the information
• Rethink how the organization classifies identifiable indicators and challenge the rule if it is a possible target for attack
Separation of Duties
• Add layers to threat management and remediation plan
• "Coordination of Duties"
• Detection Team
• The team that is responsible for detecting the problem and any new issues that may arise
• Reaction Team
• The team that is responsible for fixing the issue
• Many times hackers install code to distract IT teams
• If you keep your teams separate, you increase your chance of fixing the real problem and not the issues created to distract you from it
Authenticate, Authorize and Audit
• Authenticate
• Dual factor
• Various state regulations may help adoption of disruptive technology
• Electronic Prescription of Controlled Substances
• Authorize
• Digital Rights Management (can be a challenge)
• Enterprise wide Browser Protected Mode
• Audit
• Logging authentication & authorization transactions
• Allows effective incident response measures
Layering
• Add multiple countermeasures to increase the effort an attacker must take
• The more technical barriers are set up ("hoops to jump through"), the more types of cyber threats are discouraged
Adaptive Enhancement
• Similar to layering, this is using various software to protect facilities to compensate for deficiencies of other layers
• This can be turned “on” at any given time
Orderly Failure
• Predefined incident response plan
• Measure the level of risk the organization is willing to take regarding outage and remediation plan
• Take into consideration worst-case scenario
• Be prepared to keep things down until a better security control can be reached
• Systems should be evaluated on level of impact to the organization and associated risk
• Hardware/Software should be graded to help prioritize business continuity
Policy and Training
• Self-explanatory, but unfortunately often not taken seriously enough in organizations
• The organization should undergo constant training regarding security risks
• IT employees pose the highest risk of vulnerability due to their role and access
• Keeping the organization in the know regarding the latest attacks and phishing scams helps reduce threats to the organization's equipment as well as to employees' homes, from which they often remote in
Simple, Cheap and Easy
• KISS “keep it simple silly”
• No need to overcomplicate security measures
• Attackers go after the easier targets or low hanging fruit
• Using appropriate countermeasures, most threats will be addressed
• Consider yourself already breached
Privacy/Security Spotlight: Network Security and Best Practices Regarding the
Internet of Things in a Health System
Joe Diamond, Director of Products, Proofpoint
Know Your Threat Vectors
Data Breach
• Attacks
Source: Generally begins with an elaborate phishing campaign
Type: Inbound
• Sabotage
Source: Disgruntled employee/partner/contractor exfiltrating sensitive data
Type: Outbound
• Mistakes
Source: Sensitive data sent to unintended recipient
Type: Outbound
The Resourcing Challenge
• Your leadership is saying …
• Fix everything
• Protect us against breach and harden against data loss
• Be prepared for eDiscovery requests, support EMRs, provide breach RCAs, Office 365 migration, etc.
• While providing no increase to your budget …
• And no additional heads to support new technology
Embrace the 80/20 Rule
• This is a mountain that resource-strapped IT/InfoSec groups can scale
• Requires a laser-focused approach; eliminate the scattershot and distraction of trying to do everything—doing so guarantees doing nothing well or worse, shelfware
• Scenario: Joint IT/InfoSec team of 5 supporting a mid-size healthcare system, has a small budget for new tech, no new heads …
• Weigh Impact vs. Effort
• Data classification
• DLP
• Automated sensitive data discovery & remediation
A Breach Protection & Mitigation Strategy with Immediate Benefit
• Targeted Attacks / Emerging Threats
• Focus on email—the vast majority of breaches begin with a sophisticated phishing attack
• Your requirements:
• URL re-writing
• Dynamic analysis/sandboxing for incoming URLs & attachments
• Who-clicked-what visibility to ensure rapid threat response
• Automated intelligence and remediation for data at rest
• Focus on data at rest—what are bad actors after when breaching your systems? … your data
• Your requirements:
• Automated visibility into the size of your attack surface
• Automated remediation for sensitive data in unsecure locations
• Simple to deploy and manage (template-based policies, limited footprint)
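The "URL re-writing" and "who-clicked-what visibility" requirements above are usually met by an email gateway that replaces every link with a redirector link carrying the recipient and message identity. The sketch below is an added example written for this page, not Proofpoint's or the speaker's code; the redirector host, the HMAC key and the sample message are constructed assumptions. It rewrites the links in a message body and, on the redirector side, verifies a clicked link and recovers the original destination, the recipient and the message, which is exactly the record an incident responder needs to answer "who clicked that URL".

```python
"""Added example: per-recipient URL rewriting for an email gateway, plus the
redirector-side decode that yields a who-clicked-what record.  Constructed
illustration: the redirector host and tenant key below are assumptions."""
import base64
import hashlib
import hmac
import json
import re
from typing import Optional

REDIRECTOR = "https://urldefense.example/v1/"   # assumed gateway endpoint
KEY = b"tenant-secret-rotate-me"                # assumed per-tenant HMAC key

# http(s) URLs; the final class keeps trailing sentence punctuation out of the link
URL_RE = re.compile(r"https?://[^\s<>\"']*[^\s<>\"'.,;:)]")


def _sign(payload: bytes) -> str:
    """Truncated HMAC-SHA256 over the token payload (key is per tenant)."""
    return hmac.new(KEY, payload, hashlib.sha256).hexdigest()[:32]


def rewrite_url(url: str, recipient: str, message_id: str) -> str:
    """Wrap one URL.  The token records destination, recipient and message id so
    a later click can be attributed; the signature stops anyone forging tokens
    that would make the redirector send users to arbitrary sites."""
    payload = json.dumps({"u": url, "r": recipient, "m": message_id},
                         separators=(",", ":")).encode()
    token = base64.urlsafe_b64encode(payload).rstrip(b"=").decode()
    return f"{REDIRECTOR}{token}/{_sign(payload)}"


def rewrite_body(body: str, recipient: str, message_id: str) -> str:
    """Gateway side: rewrite every link in a message body for this recipient."""
    return URL_RE.sub(lambda m: rewrite_url(m.group(0), recipient, message_id), body)


def decode_click(rewritten: str) -> Optional[dict]:
    """Redirector side: verify the signature and return the who-clicked-what
    record {"u": destination, "r": recipient, "m": message_id}; None when the
    link is not ours or has been tampered with."""
    if not rewritten.startswith(REDIRECTOR):
        return None
    token, _, sig = rewritten[len(REDIRECTOR):].partition("/")
    if not token or not sig:
        return None
    try:
        payload = base64.urlsafe_b64decode(token + "=" * (-len(token) % 4))
    except (ValueError, TypeError):
        return None
    if not hmac.compare_digest(_sign(payload), sig):
        return None
    return json.loads(payload)


if __name__ == "__main__":
    # Constructed sample message; the domain is not real.
    body = "Reset your password at http://login-example.test/reset?id=7 today."
    out = rewrite_body(body, "alice@hospital.example", "<m1@mx.example>")
    print(out)
    print(decode_click(URL_RE.search(out).group(0)))
```

Because the recipient is baked into each rewritten link, the same phishing URL sent to fifty mailboxes yields fifty distinct links, and the redirector log tells the SOC exactly which users clicked and from which message; the sandboxing step the slide also asks for would sit in the redirector before the final redirect, with the same record feeding the verdict.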
Resources
• Data Profiler Tool
• Simple executable – point it at a file server/UNC path and it'll run automatically
• Full report providing the number of sensitive data violations, including PCI and social security numbers
• Get it here: http://www.proofpoint.com/profiler
• The Human Factor
• Analysis exploring the under-reported aspect of enterprise threats caused by end user behaviors: clicking within email, attachments and social media posts
• Get it here: https://www.proofpoint.com/humanfactor
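The "Remove asset" measure earlier in the deck (question whether SS#s or PCI data need to exist at all) and the data-at-rest requirement above (automated visibility into where sensitive data sits) both start with the same step: walking the file shares and counting how many SSNs and card numbers are actually stored, which is what the Data Profiler tool listed here reports. The following is an added example written for this page and is not that tool or any vendor code; the share layout, file names and record values are constructed. It applies structural checks (SSA area/group/serial rules, the Luhn check digit for card numbers) so that phone numbers and record IDs do not inflate the count, and returns a per-file tally a team can use to decide what to delete or move.

```python
"""Added example: sensitive-data discovery over a file tree, counting likely
SSNs and payment card numbers (PANs) per file.  Constructed illustration;
the sample share built in demo() and its contents are made up."""
import os
import re
import tempfile
from collections import Counter

SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
# 13-19 digits, optionally separated by single spaces or dashes
PAN_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def plausible_ssn(area: str, group: str, serial: str) -> bool:
    """SSA structure rules: area is never 000, 666 or 900-999; group is never 00;
    serial is never 0000.  Filters obvious non-SSNs that match the pattern."""
    a = int(area)
    return a not in (0, 666) and a < 900 and group != "00" and serial != "0000"


def luhn_ok(digits: str) -> bool:
    """Luhn check digit used by payment cards; weeds out phone numbers, MRNs
    and other digit runs that merely look like a card number."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan_text(text: str) -> Counter:
    """Count plausible SSNs and Luhn-valid PANs in one document's text."""
    hits: Counter = Counter()
    for m in SSN_RE.finditer(text):
        if plausible_ssn(*m.groups()):
            hits["ssn"] += 1
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group(0))
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            hits["pan"] += 1
    return hits


def scan_tree(root: str) -> dict:
    """Walk a share and return {relative_path: Counter} for files with hits.
    Unreadable files are skipped rather than aborting the whole scan."""
    report = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="ignore") as fh:
                    hits = scan_text(fh.read())
            except OSError:
                continue
            if hits:
                report[os.path.relpath(path, root)] = hits
    return report


def demo() -> dict:
    """Build a constructed share: one billing export with real-looking
    identifiers and one clean note, then scan it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "billing"))
        with open(os.path.join(root, "billing", "export.csv"), "w") as fh:
            fh.write("name,ssn,card\n"
                     "J Doe,123-45-6789,4111 1111 1111 1111\n"   # valid structure, Luhn-valid test PAN
                     "R Roe,000-12-3456,4111 1111 1111 1112\n")  # area 000 and bad check digit: skipped
        with open(os.path.join(root, "readme.txt"), "w") as fh:
            fh.write("Call ext 5551234567 for the on-call pager.\n")  # 10 digits: not a PAN
        return scan_tree(root)


if __name__ == "__main__":
    for path, hits in demo().items():
        print(path, dict(hits))
```

The report is the input to the "Remove asset" decision: a billing export holding full card numbers on a general file share is a target that can often simply be deleted or truncated to the last four digits, which removes the asset rather than adding another control around it.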
Q&A
Click on the Q&A panel located in the lower right corner of your screen, type in your questions in the text field and hit send. Please keep the send to default as "All Panelists."
Thank You!
• Thanks to our featured speaker: Cletis Earle!
• Thanks to our sponsor: Joe Diamond & Proofpoint!
• You will receive an email when our archive recording is ready. (Separate registration is required)
• CHIME CHCIO Credits – Attending our Webinars = 1 CEU
• Questions/Comments – Anthony Guerra [email protected]
Go to www.healthsystemCIO.com/webinars to view our upcoming schedule and see the last 12 months of archived events.