Online Safety Community

CISOs map out their cybersecurity plan for 2018

When Omar F. Khawaja compiled his priority list for 2018, he didn’t include which security technologies he wanted or how many IT staff he hoped to hire.

Instead, the CISO at Highmark Health — a healthcare management and insurance provider whose portfolio includes Allegheny Health Network, United Concordia Dental and Visionworks, among others — articulated an overarching strategy on how the cybersecurity plan should fit within the national organization’s business strategy.

network-security-and-big-data-analytics-2-638https://compliance4all14.files.wordpress.com/2018/02/network-security-and-big-data-analytics-2-638.jpg?w=150&h=113 150w, https://compliance4all14.files.wordpress.com/2018/02/network-securi... 300w, https://compliance4all14.files.wordpress.com/2018/02/network-securi... 638w" sizes="(max-width: 563px) 100vw, 563px" height="313" width="417" />

“While I do realize that I will need technology to enable many of the things I’m trying to do [this] year and going into 2019, my goal isn’t to deploy technology, but to realize certain outcomes,” said Khawaja, who works out of Highmark’s Pittsburgh headquarters.

Khawaja broke his cybersecurity plan down into five key areas of focus.

First, he wants to look at how his team makes decisions. “There are always more opportunities to make more impact and add more controls than there are the resources and time to do so,” he said. “So how do we create a decision-making framework so we get [our priorities in order]? And we’re not doing things because it’s a shiny object, but instead because it [has] real business impact?”

Second is organizational change management. The corporate security team needs to be confident that staff throughout Highmark Health, and its subsidiaries, adapt practices and processes to maximize the value of the implemented security protocols and technologies.

Next, Khawaja wants to ensure his team’s cybersecurity plan is aligned with the top business risks, so that the cybersecurity program “isn’t a security program but a risk-management program.”

The healthcare organization also wants to focus on operational excellence and customer satisfaction. “We absolutely have to understand what objectives we’re trying to achieve and who our key stakeholders are,” Khawaja said. “It’s not that we just simply secure the place, but we do it in a way that’s excellent. We have to do it at 100%, and we’ve got to be at 100% every single time.”

While Khawaja’s plans may sound ambitious, he is not alone. Studies show that executives increasingly recognize that a cyberattack could cripple their operations and mean millions in lost business and reputational damage as well as in cleanup costs. The National Association of Corporate Directors’ 2017-2018 Public Company Governance Survey found that cybersecurity threats ranked among the top five trends expected to have the greatest effect on business in the upcoming year.

For Continuation http://bit.ly/2E4Ndsj

Views: 13

Comment

You need to be a member of Online Safety Community to add comments!

Join Online Safety Community

Take our poll!

Take our poll!

Latest Activity

nicolewells posted a discussion

Security Storage SAN Performance

Hello All,Have a question regarding SAN performance specifically EMC VNX SAN. I have a significant number of processes spread over number of blade servers running concurrently. The number of processes is typically around 200. Each process loads 2 small files from storage, one 3KB one 30KB. There are millions (20) of files to be processed. The processes are running on Windows Server on VMWare. The way this was originally…See More
yesterday
Rebecca Lewis posted a discussion

What safety signs should I acquire for my shop’s construction?

Hello everyone! The construction of my new flower shop will start next month, and it’s a big project for me. Since the shop’s location is near the main road, I want to make sure that everyone is safe during the work. I can’t afford any accident like people getting injured. So I’m thinking of purchasing construction health and safety signs from a supplier that my friend recommended.…See More
Friday
Rebecca Lewis joined Safety Community's group
Thumbnail

Construction

For those working in Carpentry, Drywall, Electric, General Labor, HVAC, Landscaping, Masonry and Plumbing.
Friday
Adam Fleaming posted a blog post

FMEA in medical devices can work better when mated with ISO 14971

Failure Mode and Effects Analysis (FMEA) is a core aspect of risk management and risk analysis in medical devices. FMEA is essentially about analyzing the reasons for which a problem arises and the effects it has on the system. In the field of medical devices, it is absolutely critical to understand the failure mode and effects because the consequences of not doing this can be disastrous and many times, even…See More
Friday

Forum

Security Storage SAN Performance

Hello All,Have a question regarding SAN performance specifically EMC VNX SAN. I have a significant number of processes…Continue

Tags: san, vmware, emc

Started by nicolewells yesterday.

What safety signs should I acquire for my shop’s construction?

Hello everyone! The construction of my new flower shop will start next month, and it’s a big project for me. Since the shop’s location is near the main road, I want to make sure that everyone is safe…Continue

Started by Rebecca Lewis on Friday.

Gig Economy

The career world has rapidly changed and these days, long-term careers and people working in just one job are slowly but steadily becoming a thing of the past. In fact, according to research, in the…Continue

Tags: field, engineer, IT, freelance, economy

Started by Mohd Azher on Wednesday.

How to Repair MySQL InnoDB Table That Has Issues?

When trying to run: delete IdentityRequest *I get an error of sailpoint.tools.GeneralException: null index column for collection: sailpoint.object.IdentityRequest.itemsDoing a select * from…Continue

Tags: course, sailpointonline, sailpoint

Started by Soujanya Naganuri on Tuesday.

Occupational Health and Safety 7 Replies

Health and safety are important aspects of an organisation’s smooth and effective functioning.  Did you know that workplace health & safety injuries cost Australian businesses over $60 billion…Continue

Tags: Safety, and, Health, Occupational

Started by WHS Solutions. Last reply by Tony Ferraro Feb 18.

Badge

Loading…

© 2018   Created by Safety Community.   Powered by

Badges  |  Report an Issue  |  Terms of Service