Monthly Cyber Briefing

Evolving guidance for medical device cyber-risk and the strategic management approaches for tackling legacy devices

Legacy medical devices are a today problem, not a tomorrow problem. Join Clearwater’s Director of Consulting Services, Jon Benedict, for a conversation about why most medical devices are currently considered “legacy” and the strategies cybersecurity leaders can take to mimize the risks associated with these devices. Jon will also cover the medical device cybersecurity maturity model and share some thoughts on its practical application in healthcare organizations.

Clearwater CEO Steve Cagle will also share a threat landscape and regulatory update. There’s also to cover as cyberattackers continue evolving their tactics and HHS released it voluntary cybersecurity performance goals just last week. Don’t miss it!

Latest Developments in the Healthcare Threat Landscape

During the March edition of Clearwater’s Monthly Cyber Briefing, Corporate CISO and CTO for Managed Security Services Steve Akers and Dave Bailey, VP of Consulting Services, will dive deep into current trends in the healthcare threat landscape. They will cover the latest on the ScreenConnect vulnerability that is tied to the Change Healthcare cyberattack and review nation-state threat actors that are targeting U.S. critical infrastructure. In addition, Steve and Dave will discuss the continuing evolution of ransomware-as-a-service and what healthcare organizations need to know about how it’s being used against them.

Their discussion follows Clearwater CEO Steve Cagle’s round-up of other recent developments impacting the industry, including the news that random HIPAA audits are on the horizon.

Top Vendor Risk Management Challenges Facing Healthcare Leaders

The Change Healthcare cyberattack is yet another example of healthcare organizations’ vulnerability to operational disruptions due to security breaches in their third-party vendors and the extended supply chain. Vendors remain one of the most difficult components of risk to manage and also one of the most likely to contribute to a breach.

During our April Cyber Briefing, we will cover the latest developments related to the Change Healthcare attack as well as new threats and concerns that healthcare leaders should have on their radar. Our team will then focus in on the subject of vendor risk management and discuss the top challenges facing healthcare organizations, share insights on trends we’re seeing across the industry, and provide guidance on key actions to take to reduce your third-party risk.

In the wake of the Change Healthcare attack, many healthcare organizations are asking hard questions about the impact a cyberattack can have on their operations and whether their Business Continuity Plan is sufficiently honed to minimize disruption if an incident shuts down access to key systems and data.

Our May Cyber Briefing will feature insights from two members of Clearwater’s Consulting team who are experts in Disaster Recovery and Business Continuity Planning:

• Angie Santiago—A certified Business Continuity Professional and former health system CISO, Angie has extensive emergency preparedness experience as an organizational resilience leader for provider communities, community care centers, healthcare systems, academic medical centers, and DHHS.
• Tom Joyce —Certified in Disaster Recovery Planning, including Business Impact Analysis planning and execution, and a former regional health system CISO, Tom also has deep experience leading emergency preparedness within healthcare organizations.

Following Steve Cagle’s review of the latest developments that healthcare leaders should have on their radar, Angie and Tom will discuss how, by applying interdisciplinary frameworks centered around risk and resilience, organizations can improve their ability to respond and recover from threats, shocks, or crises—whatever form they may take.

A Deeper Look at the Healthcare Threat Landscape & Business Email Compromise

During the June edition of Clearwater’s Monthly Cyber Briefing, Corporate CISO and CTO for Managed Security Services Steve Akers, Dave Bailey, VP of Consulting Services, and 1stResponder President and Founder Ricoh Danielson, will review current trends in the healthcare threat landscape and share guidance on key issues that healthcare organizations should be addressing in the wake of continuing cyberattacks. They’ll zero in on business email compromise as a key threat to healthcare and share strategies for preventing it. 

Their discussion follows Clearwater CEO Steve Cagle’s round-up of the latest cybersecurity and regulatory developments impacting the industry. 

Changing the Conversation About Cybersecurity in Healthcare 

The major cyberattacks that have occurred across the healthcare industry in the first half of 2024 have underscored the need to change the conversation about cybersecurity in healthcare – from focusing on controls to analyzing risks, from protecting data to protecting patients, from characterizing cybersecurity as an IT problem to recognizing it as business priority, and from thinking about cybersecurity as a function that puts up roadblocks and barriers to one that creates value and enables business success. 

Now is the time to make that pivot, but how do you do it in a way that resonates and translates to greater support for and investment in your cybersecurity program? Bob Chaput joins our July Cyber Briefing to discuss how to engage your C-suite and board in effective and ongoing dialogue about Enterprise Cyber Risk Management. 

Preparing for New Cybersecurity Mandates: Insights for Healthcare Organizations

Recent news reports have indicated that the Biden administration will soon issue new regulations aimed at bolstering cybersecurity in the U.S. healthcare sector. Hospitals are expected to be the first entities required to implement new “minimum” mandates based on cybersecurity performance goals that the Department of Health and Human Services released in January. 

How should hospitals be preparing for this likely development? And what are the implications for other organizations across the healthcare ecosystem? 

Clearwater Chief Risk Officer and Head of Consulting Services and Client Success Jon Moore joins our August Cyber Briefing to shed light on the latest developments and offer guidance on the best steps to take to position your organization for what may come.  

In addition to his work advising and supporting Clearwater clients, Jon is actively involved with the Healthcare and Public Health Sector Coordinating Council, a group that serves as a liaison between the industry and the federal government. 

Info coming soon!

Info coming soon!

Info coming soon!

Info coming soon!