Information technology is the backbone of Blue Cross Blue Shield of Michigan and Blue Care Network, supporting everything we do to improve the health of Michigan’s residents and communities. Information Security ensures that our members' personal health care information, as well as our programs and data, are protected from cyberattacks.

1. Understanding the Impact of
Cyber Security in Health
Care
©Blue Cross Blue Shield of Michigan

2. Why is Cyber Security Crucial
for the Health Care Industry?

3. Cyber Security is…
A vital aspect of Information Technology that
protects companies’ and organizations’ online
networks, computer programs and sensitive data
from malicious cyberattacks like…

4. Cyber Security is…
A vital aspect of Information Technology that
protects companies’ and organizations’ online
networks, computer programs and sensitive data
from malicious cyberattacks like…
Illegal hacking

5. Cyber Security is…
A vital aspect of Information Technology that
protects companies’ and organizations’ online
networks, computer programs and sensitive data
from malicious cyberattacks like…
Illegal hacking
Ransomware

6. Cyber Security is…
A vital aspect of Information Technology that
protects companies’ and organizations’ online
networks, computer programs and sensitive data
from malicious cyberattacks like…
Illegal hacking
Ransomware
Malware

7. Cyber Security is…
A vital aspect of Information Technology that
protects companies’ and organizations’ online
networks, computer programs and sensitive data
from malicious cyberattacks like…
Illegal hacking
Ransomware
Malware
Phishing

8. There is an endless amount of personal data
shared and stored on the internet, including
members’ health care information…
Cyber Security is Critical

9. There is an endless amount of personal data
shared and stored on the internet, including
members’ health care information…
…Cyber security is the first line of defense in
ensuring it is safely shared and strongly
protected.
Cyber Security is Critical

10. How Has the Landscape of
Cyber Security Evolved?

11. Online threats against health care data and
information have become increasingly
sophisticated, driving Blue Cross’ IT team to
continually evolve its protective measures to
remain first-in-class for data protection.
Over the Years

12. Historically, hackers have been more focused on
wreaking havoc within the financial service sector.
However, stealing health care information has become
more lucrative by selling it to hackers on the “dark
web.”
Cyber Crime is “Big Business”

13. Ransomware is used as a form of extortion, holding
data hostage until payment is received. To activate,
simply calls for a click on the wrong link by an
unsuspecting user, like a company employee.
Cyber Crime is “Big Business”

14. Malware, or malicious software, is computer
software created solely with the intent of harming
and devices, making their functions inactive.
Cyber Crime is “Big Business”

15. Case in Point
In May and June 2017, the “WannaCry” and “Petya” ransomware attacks
affected the computer systems of governmental and professional
associations in Ukraine, France, India, as well as some hospitals and
health care organizations in the United States.
Upon attempting to use their computer, users affected with these
programs received a message stating that their files had been encrypted
and that a payment of $300-$410 worth of Bitcoin (a form of digital
currency) was required to be able to access their data.

16. Experts say that “WannaCry” is the
worst digital event to occur in
recent years, affecting more than
200,000 systems.
Combined, these two attacks
affected more than 210,000
systems in 150 countries,
compromising millions of pieces
of member and user information
globally.
Case in Point

17. Cyber crime manipulates the
unsuspecting and victimizes
the vulnerable.

18. How Do We Secure
Member Data?

19. Data Security is a Team Effort
Blue Cross’ IT employees are a critical line of defense – they
are educated on an ongoing basis about how to recognize
potential threats to Blue Cross and member data.
Our social engineering exercises equip our employees with
the tools they need to identify tricks used by hackers to
infiltrate our system.

20. Data Security is a Team Effort
These social engineering exercises consist of trainings and tests
completed throughout the year, with employees chosen at
random to see if they are able to identify a phishing email.

21. Data Security is a Team Effort
These social engineering exercises consist of trainings and tests
completed throughout the year, with employees chosen at
random to see if they are able to identify a phishing email.
We consider it successful when they correctly identify a phishing
email, in addition to an opportunity for education when they are
having difficulty identifying them.

22. Data Security is a Team Effort
Social engineering exercises consist of trainings and tests completed
throughout the year, with employees chosen at random to see if they
are able to identify a phishing email.
We consider it successful when they correctly identify a phishing
email, in addition to an opportunity for education when they are
having difficulty identifying them.
This helps us strengthen security awareness and training programs so
we can better understand our employees’ thought process in
identifying scams, as well as keep a pulse on the evolution of hackers’
sophisticated schemes.

23. Secure Health Care Service
We also assess the cyber threat landscape to stay one step ahead
of hackers and others with malicious intent who are looking to
threaten Blue Cross or member security.
We connect with experts who are able to plug into trends on the
dark web for insights on how to proactively prepare for hackers
actively working to obtain information illegally.

24. Identifying ways hackers can
gain access is key to stopping
attacks before they happen.

25. The Blue Cross IT Team

26. As a company, we invest in creating new IT positions as
technology continues to advance.
As a tech employer, we find value in hiring candidates with a
variety of professional backgrounds, providing them room to
grow and expand their skillsets.
Just as hackers don’t all come from the same background,
Information Security experts who bring in a variety of
experiences can bring valuable insights to the profession.
Investing in Employees and the Future

27. It is a commonly-held misconception that IT
professionals have to have a technological
background…
A Place For Everyone

28. It is a commonly-held misconception that IT
professionals have to have a technological
background…
…However, the ability to learn new skills,
problem solve and adapt to new situations are
key strengths of an IT team member.
A Place For Everyone

29. There are a number of careers one can pursue as a
member of the Blue Cross IT team, including:
A Place For Everyone
Security
Analyst
Applications
Security
Testing
Engineering and
Architecture

30. The route to becoming an IT
professional can be curved,
with opportunities to develop a
variety of skills that contribute
to success.

31. To learn more about Blue Cross IT and
opportunities to join our team, visit:
MIBlueTech.com
Blue Cross Blue Shield of Michigan and Blue Care Network are nonprofit corporations and independent licensees of
the Blue Cross and Blue Shield Association.