Monthly Cyber Briefing
Engage. Educate. Prepare.
Every first Thursday of the month from 12:00-1:00 PM (Central Time)
We invite you to join us each month for a free, virtual Monthly Cyber Briefing!
During each one hour-long session, an industry expert will draw on their previous experience to cover several key topics & trending news related to healthcare privacy, cybersecurity, compliance, & IT audit.
The Monthly Cyber Briefing is a digest of trending news, and announcements related to healthcare’s risk landscape, and provides expert insight that is designed to help healthcare security, privacy, and compliance professionals stay on top of what matters most.
- Key privacy, cybersecurity, compliance, challenges for healthcare
- Updates on new privacy and compliance laws and what they change/impact
- Trending cybersecurity threats within the healthcare industry and combative best practices
- Real-world coverage of recent incidents and key takeaways in terms of lessons learned
- Outlook to the top issues for 2023
The Monthly Cyber Briefings provide insight to help you build resilience & strengthen your strategies.
Chief Information Security Officer and Chief Technology Officer, Clearwater
Justin Sun, GCWN, GCIA
Director, Security Operations Center, Clearwater
5 Recommendations to Increase Your Cyber Resiliency in 2023
- Mac McMillan will provide a brief update, review the current threat landscape, and discuss current events relevant to healthcare risk
- Chuck Podesta (CIO of Renown Healthcare in Reno, NV) and Dave Bailey will walk through 5 cybersecurity best practices you can implement to build cyber resiliency into your privacy and security programs and overall:
- Increase availability
- reduce risk
- Prevent skyrocketing insurance premiums or loss of coverage
*Due to the New Years Day Holiday, this month’s session will be held on the second Thursday of the month.
Breaking the Reactive Security Cycle
Reactive cybersecurity is a common and complex cycle to break. Healthcare organizations constantly face new unknowns and unexpected threats, vulnerabilities, and security alerts. This can make it exceptionally challenging for healthcare organizations to focus on security maturity, especially if they have minimal executive support.
So, how can you evolve your security practices to a more strategic approach, one that helps seek out and identify security risks before an incident occurs while ensuring you’re ready to respond when one does?
During our February Cyber Briefing, Steve Akers, who serves as Clearwater Chief Information Security Officer and leads our Managed Security Services team, and Dave Bailey, Vice President of Security Services with Clearwater’s Consulting team, will discuss how to break the reactive security cycle and advance to a more mature state that delivers better security outcomes.
Attendees will learn:
- How to cut through the noise and understand the security risks that are of greatest concern to your organization so you can prepare accordingly
- How to develop a framework for responding to an event in a more effective and methodical way
Healthcare organizations of all sizes can achieve a higher level of cyber resiliency and become less susceptible to security risks with this type of strategy.
How to Engage Your Board and Investors in Productive Dialogue About Cybersecurity
Experts are predicting that 2023 will be the year that cyber challenges and changes consume the boardroom. The early days of the new year have seen several more high-profile data breaches and ransomware attacks that have no doubt captured the attention of board members and investors across the healthcare industry and affirmed the need to give cybersecurity greater attention at the highest levels of the organization.
Are you equipped to engage effectively with senior stakeholders about the state of your cybersecurity program or do you find yourself constantly on the defensive about the steps your organization is taking to manage mounting cyber risk?
For our March Cyber Briefing, we are pleased to have two experts joining us to provide guidance on how to engage your board and investors in productive dialogue about cybersecurity. Clearwater Founder and Executive Chairman Bob Chaput, NACD.DC, author of the acclaimed book Stop the Cyber Bleeding: What Healthcare Executives and Board Members Must Know About Enterprise Cyber Risk Management (ECRM) that has been adapted by The Governance Institute as a key educational resource for its members, and Ralph Davis, JD, Senior Operating Partner for the private investment firm The Vistria Group and a board member for several healthcare organizations, will discuss how to reframe the boardroom cybersecurity agenda to enable effective board oversight of cyber risks.
Attendees will learn:
- The three key topics that should be covered in each board or investor discussion of ECRM
- Guiding principles of senior stakeholder metrics
- Why it’s important to discuss overall ECRM program advancement in each board meeting
- What constitutes appropriate and effective board member and investor education activities
Managing Risk Across the Healthcare Ecosystem
New solutions leveraging machine learning and artificial intelligence are transforming how we diagnose disease. Telemedicine networks connect patients to doctors and specialists across the country. Nanomedicine has the potential to revolutionize treatments for cancer, diabetes, and many other conditions.
Just like the digital technologies that preceded them, these new technologies bring new security and privacy risks that organizations must address to protect patients and their data and maintain compliance with industry regulations. During our April Cyber Briefing, two of our senior Consulting team leaders, Dave Bailey and Andrew Mahler, will examine the issue from both the healthcare provider and healthcare technology company perspective:
- How growth in third-party data breaches and attacks are compelling hospitals, health systems, and physician groups to apply greater scrutiny to the security practices of technology vendors
- The implications of this trend for digital health companies – what steps do they need to take to ensure that they are meeting expectations and requirements with regard to their cybersecurity and compliance programs
Join us for what promises to be an insightful discussion with important take-aways for organizations across the healthcare ecosystem.
Title: Healthcare Threat Intelligence
Clearwater’s May Cyber Briefing will feature a “Threat Intelligence” presentation focused on the latest threats and trends in the healthcare cybersecurity landscape.
This informative and valuable discussion will provide attendees with a professional briefing on current threat intelligence delivered by our Security Consulting VP, Dave Bailey, who will cover:
- Relevant industry threats, including an in-depth analysis of the April 2023 Threat Horizons report
- An overview of accidental and insider threats
- A thorough review of the most active threat actors, including who they are and how they attack
Additionally, the briefing will dive deep into the top drivers of risk identified by Clearwater’s risk assessment, technical tests, and SOC.
Don’t miss out on this important briefing to leverage the information shared to stay ahead of the latest threats and help protect your organization.
Alert storms, bad signals, and other dilemmas that strengthen the case for Managed Security services
In this session, we will focus on enhancing visibility within your organization to significantly reduce noise from security alerts. We’ll delve into the immense challenges posed by constant activity and the need to orchestrate data effectively. By leveraging Managed Security services, you can gain a strategic advantage and partnership, drawing from the vast experiences of numerous healthcare companies. This approach empowers you to improve threat identification, pinpoint exposure points, and elevate security outcomes for your entire organization. Uncover the remarkable benefits of Managed Security services in mitigating alert storms, combating false signals, and streamlining incident response through efficient security orchestration. Don’t miss this opportunity to acquire invaluable insights and real-world examples that emphasize the profound impact of collective experience sharing and the adoption of Managed Security services.
CHIME Continuing Education Credits
Clearwater’s 2023 Monthly Cyber Briefings have been approved by the College of Healthcare Information Management Executives (CHIME) for 1 non-CHIME CEU per session attended towards the certification programs listed below:
- Certified Healthcare CIO (CHCIO) program
- Certified Healthcare Information Security Leader (CHISL) program
- CHIME Foundation Certified Healthcare Executive (CFCHE) program
- Certified Digital Health (CDH) program
CHIME and AEHIS members can download the agenda (below) and submit for total hours earned here.
HIMSS Continuing Education Credits
This program is approved for up to 12.0 continuing education (CE) hours for use in fulfilling the continuing education requirements of the certification programs listed below:
- Certified Professional in Healthcare Information & Management Systems (CPHIMS)
- Certified Associate in Healthcare Information and Management Systems (CAHIMS)