State of Security

Summary In this conversation, Geoff Hancock interviews Brian Weidner and Chris Skinner about incident response. They discuss the importance of building strong relationships with the C-suite and legal department, as well as the value of having a trusted incident response company on retainer. They also touch on the challenges of incident response in the critical infrastructure sector and the potential impact of new reporting requirements proposed by DHS. The conversation explores the recently released NIST incident response document and the need for organizations to tailor their incident response plans to their specific needs. The guests emphasize the importance of preparation, communication, and continuous improvement in incident response. Takeaways -Building strong relationships with the C-suite and legal department is crucial for effective incident response. -Having a trusted incident response company on retainer can streamline the response process. -New reporting requirements proposed by DHS may add additional burden to organizations already dealing with regulatory reporting. -The recently released NIST incident response document provides valuable guidance for organizations, but it should be tailored to each organization's specific needs. -Preparation, communication, and continuous improvement are key elements of successful incident response. Chapters 00:00 Introduction 19:45 Challenges in Incident Response for Critical Infrastructure 32:03 Navigating New Reporting Requirements 39:20 The Importance of Preparation, Communication, and Continuous Improvement

Summary This conversation explores the topic of ransomware in the healthcare industry and the importance of cyber resilience. The discussion highlights the impact of ransomware attacks on healthcare organizations, the challenges they face, and the need for proactive measures. The conversation emphasizes the basics of cyber resilience, including disaster recovery plans, vulnerability management, and incident response. The role of AI in ransomware protection is also discussed, along with the importance of operational resilience. Overall, the conversation emphasizes the need for healthcare organizations to prioritize cybersecurity and take proactive steps to protect against ransomware attacks. Chapters 00:00 Introduction and Overview 01:28 Ransomware in the Healthcare Industry 16:39 Addressing Ransomware Risks in Healthcare Organizations 27:36 The Importance of Operational Resilience 32:17 The Role of AI in Ransomware Protection 39:11 The Basics of Cyber Resilience 41:59 Conclusion

Summary In this episode, Rick Leib, Field CISO for Access Point Consulting, discusses the challenges and strategies for cybersecurity in healthcare organizations. He emphasizes the need for healthcare organizations to stop relying solely on perimeter security and to hire executives who can effectively sell security to the board and senior executive staff. Rick also highlights the importance of addressing legacy systems, managing medical devices securely, engaging third-party providers, and investing in information security. He recommends conducting risk assessments, practicing tabletop exercises, and involving executives in the security program. Additionally, Rick suggests considering the role of a virtual CISO to provide guidance and expertise. Takeaways -Healthcare organizations should stop relying solely on perimeter security and invest in a multi-layered security approach. -Hiring executives who can effectively sell security to the board and senior executive staff is crucial for healthcare organizations. -Addressing legacy systems and managing medical devices securely are key challenges in healthcare cybersecurity. -Engaging third-party providers requires a thorough third-party risk management system. -Investing in information security, practicing tabletop exercises, and reinforcing the basics are essential for healthcare organizations. -Involving executives in the security program and considering the role of a virtual CISO can greatly enhance cybersecurity in healthcare organizations. Chapters 00:00 Introduction and Importance of CMIO in Instant Response 01:31 Stop Relying Solely on Perimeter Security 04:23 Addressing Legacy Systems 05:22 Micro-Segmentation and Zero Trust Approach 08:11 Managing Third-Party Providers 10:32 Importance of Employee Training 11:58 Executive Involvement in Training 13:54 Lessons from a Ransomware Incident 14:17 Securing Medical Devices 20:47 Proactive Security Operations 21:42 Importance of Risk Assessments and Incident Response Plans 25:02 Reinvesting in Information Security Programs 28:59 Training Staff and Managing Vulnerabilities 31:44 Executive Buy-In and Virtual CISOs 34:36 Conclusion

Summary In this conversation, Geoff Hancock, Global CISO and Deputy CEO for Access Point Consulting, speaks with Rick Leib, Access Point’s Field CISO, discussing the importance of cybersecurity in healthcare organizations. They highlight the prevalence of ransomware attacks in the healthcare industry and the need for improved malware defenses and patch management. Rick emphasizes the importance of separating IT and security departments and implementing a zero trust model. He also discusses the role of MSSPs in healthcare organizations and provides recommendations for 2024, including increasing malware resilience and security staffing. The conversation concludes with key takeaways, such as the need for executive commitment, talent and skills, prioritizing protection, and preparedness. Takeaways -Ransomware attacks are a significant threat to healthcare organizations, and improving malware defenses and patch management is crucial. -Separating IT and security departments is essential to ensure proper focus on information security and compliance. -Implementing a zero trust model can enhance cybersecurity in healthcare organizations. -Engaging with MSSPs can provide expertise and guidance in managing cybersecurity risks. Chapters 00:00 Introduction and the Need for Cybersecurity in Healthcare 01:02 Ransomware Attacks in Healthcare 03:47 Separating IT and Information Security 05:41 The Role of a CISO 06:37 Building Resilience in the Face of Ransomware 09:22 Encrypting Data and Managing Third-Party Suppliers 10:43 Micro-Segmentation and Prioritizing Security 12:11 Communicating Security to the Board 13:33 Recommendations for 2024 15:29 The Role of MSSPs in Healthcare