Online Safety Community

CISOs map out their cybersecurity plan for 2018

When Omar F. Khawaja compiled his priority list for 2018, he didn’t include which security technologies he wanted or how many IT staff he hoped to hire.

Instead, the CISO at Highmark Health — a healthcare management and insurance provider whose portfolio includes Allegheny Health Network, United Concordia Dental and Visionworks, among others — articulated an overarching strategy on how the cybersecurity plan should fit within the national organization’s business strategy.

network-security-and-big-data-analytics-2-638https://compliance4all14.files.wordpress.com/2018/02/network-security-and-big-data-analytics-2-638.jpg?w=150&h=113 150w, https://compliance4all14.files.wordpress.com/2018/02/network-securi... 300w, https://compliance4all14.files.wordpress.com/2018/02/network-securi... 638w" sizes="(max-width: 563px) 100vw, 563px" height="313" width="417" />

“While I do realize that I will need technology to enable many of the things I’m trying to do [this] year and going into 2019, my goal isn’t to deploy technology, but to realize certain outcomes,” said Khawaja, who works out of Highmark’s Pittsburgh headquarters.

Khawaja broke his cybersecurity plan down into five key areas of focus.

First, he wants to look at how his team makes decisions. “There are always more opportunities to make more impact and add more controls than there are the resources and time to do so,” he said. “So how do we create a decision-making framework so we get [our priorities in order]? And we’re not doing things because it’s a shiny object, but instead because it [has] real business impact?”

Second is organizational change management. The corporate security team needs to be confident that staff throughout Highmark Health, and its subsidiaries, adapt practices and processes to maximize the value of the implemented security protocols and technologies.

Next, Khawaja wants to ensure his team’s cybersecurity plan is aligned with the top business risks, so that the cybersecurity program “isn’t a security program but a risk-management program.”

The healthcare organization also wants to focus on operational excellence and customer satisfaction. “We absolutely have to understand what objectives we’re trying to achieve and who our key stakeholders are,” Khawaja said. “It’s not that we just simply secure the place, but we do it in a way that’s excellent. We have to do it at 100%, and we’ve got to be at 100% every single time.”

While Khawaja’s plans may sound ambitious, he is not alone. Studies show that executives increasingly recognize that a cyberattack could cripple their operations and mean millions in lost business and reputational damage as well as in cleanup costs. The National Association of Corporate Directors’ 2017-2018 Public Company Governance Survey found that cybersecurity threats ranked among the top five trends expected to have the greatest effect on business in the upcoming year.

For Continuation http://bit.ly/2E4Ndsj

Views: 79

Comment

You need to be a member of Online Safety Community to add comments!

Join Online Safety Community

Take our poll!

Take our poll!

Latest Activity

John Robinson posted events
Friday
Mark Nilson posted events
Friday
Nakul Pratap added a discussion to the group Certification and Training
Thumbnail

Enroll Our Nebosh Course in Saudi Arabia Becomes a professional safety officer

Green World Group is an repeated Safety training institute in Saudi Arabia offered Nebosh Course in Saudi Arabia. We provide many safety training courses like IOSH, Safety Diploma, and many more safety course in Saudi Arabia.A NEBOSH qualification Course offers much better recognition from organizations. Every year, more than 35, 000 persons doing work in an array of alternative sectors take these in the world…See More
Friday
Nakul Pratap joined Safety Community's group
Friday

Forum

5 TECHNOLOGY-BASED LONE WORKER SAFETY SOLUTIONS

ABOUT 75% OF EMPLOYEES IN NORTH AMERICA ARE MOBILE WORKERS. ADVANCES IN COMMUNICATIONS TECHNOLOGY MEANS THESE WORKERS CAN WORK ANYWHERE AT ANY TIME. THESE NEW TECHNOLOGIES ALSO MEAN THESE MOBILE…Continue

Tags: Solutions, People, IoT, Monitoring, Remote

Started by Jen McDade May 31.

Road Safety Solutions 14 Replies

The Road Safety Signs ,Barriers,Humps,Hazard Markers and Visual Warnings are some of the important marks to be observed. Signs such as "keep left",stop, "give way" should not be casually treated.…Continue

Tags: safety, gear, wear, Equipment, &

Started by Enna Henry. Last reply by Jen McDade May 31.

Remote Monitoring

Get "Safe Assets and Sound Productivity" Through Remote Monitoring.Visit:…Continue

Tags: Solutions, People, IoT, Monitoring, Remote

Started by Jen McDade May 23.

Python Condition Objects Tutorial in 2018 1 Reply

If you have knowledge of other programming languages, then you would know the importance of conditional statements. Conditional statements are required for taking decisions. Whenever we operate the…Continue

Tags: course, certification, training, languages, programming

Started by Elena Lauren. Last reply by Jim Chesters May 15.

Power BI Visualization Types

Visualizations in Power BI displays the visual insights from a data. In power bi service a visual can be pinned from reports to create dashboards. Visuals are used in reports.List of visualizations…Continue

Tags: COURSE, TRAINING, BI, POWER

Started by Azharuddin May 15.

Badge

Loading…

© 2018   Created by Safety Community.   Powered by

Badges  |  Report an Issue  |  Terms of Service