HOW TO BE AN EFFECTIVE CYBERSECURITY LEADER IN … · 2018. 3. 1. · 1 HOW TO BE AN EFFECTIVE...
HOW TO BE AN EFFECTIVE CYBERSECURITY LEADER IN HEALTHCARE
Session CYB1, March 5, 2018
Karl J. West, CISO & AVP, Intermountain Healthcare
Erik Decker, CPSO, The University of Chicago Medicine
Conflict of Interest
Karl J. West
Has no real or apparent conflicts of interest to report.
Conflict of Interest
Erik Decker
Has no real or apparent conflicts of interest to report.
Learning Objectives
• Describe the characteristics of an effective security leader and when an organization should have a security leader to lead its cybersecurity program
• Identify the key ingredients for effectively governing an organization’s cybersecurity program from a security leader’s perspective
• Explain best practices for overseeing an organization’s cybersecurity program in the role of a security leader
• Demonstrate how a security leader can effectively communicate with other executives and other management about the organization’s cybersecurity program, initiatives, and security incidents
Karl J. West, CISO & AVP
Karl is the Chief Information Security Officer and AVP of Information Systems at Intermountain Healthcare, an integrated delivery network of 22 hospitals and 185 clinics. Karl is a well-respected speaker and security expert who is often sought after by other organizations that want to embed his holistic solutions in their security strategies.
At Intermountain, Karl is responsible for all aspects of the organization’s security strategy. Karl’s leadership—throughout the planning, development, implementation, and maintenance of an excellent security program—has earned Intermountain national recognition as a leader in health information security.
Quick Facts about Intermountain Healthcare
• Headquartered in Salt Lake City
• Created in 1975 when LDS Church donated its 15 hospitals to the communities they served
• 39,000 employees
• 470 volunteers governing trustees on 32 boards
• Integrated Health System Serving Utah and Southern Idaho
• 22 hospitals with 2,769 licensed beds
• 1,600 employed physicians and caregivers at more than 180 clinics
• SelectHealth insurance plans with 850,000 members
• TeleHealth, Homecare & Hospice, InstaCare, Connect Care, Life Flight, Precision Genomics
• Strong Bond Agency Ratings: S&P: AA+, Moody’s: Aa1
• $419 million in charity care during 2016 (249,000 cases)
Intermountain Cybersecurity Governance
• Central Compliance Committee
• Executive Privacy and Security Committee
• Privacy and Security Working Group
• Chief Information Officer
• Chief Compliance Officer
• Chief Security Officer
• Chief Privacy Officer
Governance of Information Risk Reporting & Funding Authority
Erik Decker, CSPO
Erik Decker is the Chief Security and Privacy Officer for the University of Chicago Medicine, and is responsible for its Cyber Security, Identity and Access Management and HIPAA Privacy Programs. Erik has 18 years of experience within Information Technology, with 12 years focused on Information Security. The majority of his career has been focused on Academic Medical Centers, establishing two information security programs and an identity and access management program.
Erik is the current Chair of the AEHIS Board, and joined AEHIS in 2015. This association focuses on educating the CISO and providing cybersecurity resources within the Healthcare sector.
Quick Facts about The University of Chicago Medicine
• 1000 Beds with recent acquisition of Ingalls
• Headquartered in Chicago
• Created in 1927
• 12 Nobel Prize Winners
• 500,000 Outpatient Visits Annually
• Journeying toward being an Integrated Delivery Network
• On track to become a Clinically Integrated Network
UCM Cybersecurity Governance
• Executive Cyber Risk Committee (Chair: CEO; Staff: CISO)
• Executive Corporate Compliance Committee (Chair: CEO; Staff: CCO & Privacy Officer)
• Privacy and Security Steering Committees (Chair: Security & Privacy Officer; Staff: GRC, Privacy)
• Chief Compliance Officer
• Security & Privacy Officer
• Chief Information Officer
Governance of Information Risk Reporting & Funding Authority
Source: Microsoft Ignite
What my mom thinks I do. What my friends think I do. What my wife thinks I do.
What I think I do. What I REALLY do.
Security is an Enabler
Not a Barrier
Think Frictionless!
The Characteristics of an Effective Security Leader
• Technical
• Communication
• Presentation
• Collaboration
• Leader of Leaders
• Understanding Healthcare Process & Issues
• Financial Acumen
• Business Leadership Capital
And, occasionally walking on water!
Taking the Necessary Steps
• TRUST PEOPLE
• TAKE FEEDBACK
• GIVE FEEDBACK
• AFFIRM POTENTIAL
• INSPIRE ACTION
• ESTABLISH VISION
Do you Need a CISO?
• Consider the size of the organization (e.g. system vs. single hospital)
• All organizations need a privacy and security function regardless of size
Key Ingredients for Effective Governance
Security Operations
Key Relationships to Nurture …
• CEO
• CFO, CMO, CNO
• Facility CEOs
• CMIO, CNIO
• LEGAL, COMPLIANCE, PRIVACY
… and their main business units.
Oversight Best-Practices
• Risk Assessment & Management
• Patch & Vulnerability Management
• Data Inventory
• Data Classification
• Identity Management
• Third-Party Assessment
Oversight Best-Practices
• GOVERNANCE & RISK MANAGEMENT
• Policy
• Procedure
• SecOps/Incident Response
• Sec Architecture
• Education
• Awareness
• GRC & Shared Services
Effectively Communicate Your Program
• Instill and “bake in” common metrics
• Monthly 1:1 meetings (key stakeholders)
• Participate in other governance to assist in “drawing the line”
@Intermountain @UChicago
Questions
• Karl J. West, Intermountain Healthcare, @intermountain
• Erik Decker, The University of Chicago Medicine, @uchicago