Call Girls in Hyderabad Lavanya 9907093804 Independent Escort Service Hyderabad
2015 Atlanta CHIME Lead Forum
1. A CHIME Leadership Education and Development Forum in collaboration with iHT2
Top Cyber Risk Mitigation
Strategies
________
● Steven Sarros, Chief Information Officer Baptist Health Care Pensacola
FL●
#LEAD15
2. A CHIME Leadership Education and Development Forum in collaboration with iHT2
• Department of Homeland Security Daily Open Source Infrastructure
Report (DOSIR) – 16 Critical Infrastructures
• Healthcare and Public Health
• Information Technology
• Defense Industrial Base
• United States Computer Emergency Readiness Team (US-CERT)
• Weekly Briefs and Situational Alerts
• FBI InfraGuard Program
Top Cybersecurity Risk Mitigation Strategies Gathering
Threat Intelligence to Establish Situational Awareness
3. A CHIME Leadership Education and Development Forum in collaboration with iHT2
• Awareness training
• Vetting (Team Members and Non-Team Members)
• User lifecycle management and granting access
• Monitoring
• FairWarning
• Web, Email and Chat Activity
• Workstation monitoring
• More awareness training
Top Cybersecurity Risk Mitigation Strategies
The “People Factor” Creating the Human Firewall
4. Q & A
Speaker(s) Contact Information
A CHIME Leadership Education and Development Forum in collaboration with iHT2
Insert Twitter
handle(s) here
5. A CHIME Leadership Education and Development Forum in collaboration with iHT2
Overall Words of Wisdom
________
Stuff I learned the hard way
● David Finn, Health IT Officer, Symantec ●
#LEAD15
6. A CHIME Leadership Education and Development Forum in collaboration with iHT2
You
are
here.
Privacy and Security
today in Healthcare
(foot of the hill)
The Changes You
Need to Make
(the summit)
7. A CHIME Leadership Education and Development Forum in collaboration with iHT2
• Security and usability are often inversely
proportional. (Security is not convenient)
• Security is an investment, not an expense.
• "Good enough" security now, is better than
"perfect" security . . . never.
• There is no such thing as “complete
security” in a usable system.
• A false sense of security is worse than a
true sense of insecurity.
• Your absolute security is only as strong as
your weakest link.
• Concentrate on known, probable threats.
• Security is not a static end state, it is an
iterative process.
• Security is directly related to the education
and ethics of your users.
• There are few forces in the universe
stronger than the desire of an individual to
get his or her job accomplished.
• Security is a people problem. Corollary:
People cause security problems, they don't
just happen.
• You only get to pick two: fast, secure,
cheap.
• In the absence of other factors, always use
the most secure options available. (You are
either serious about security, or you're just
fooling around).
Security Dogma . . . (after 30 years of doing this)