Bringing Healthcare CISOs Together to Discuss Security Risk Management
As a strategic advisor to Mimecast and planning committee member of the 2017 AEHIS/CHIME event in San Antonio, I see firsthand how healthcare IT security leaders are challenged daily with an onslaught of cyberattacks such as malware, ransomware, phishing campaigns, and threats to medical devices. Increasingly complex governmental security regulations further complicate the healthcare CISO’s overall objective of safeguarding the network and protecting patient information. As the threats grow and oversight becomes more necessary, security practices must align with overall organizational strategies, leveraging the technology and services that will help expand security boundaries.
The Association for Executives in Healthcare Information Security (AEHIS) was launched in 2014 to provide an education and networking platform to healthcare’s senior IT security leaders. There are a lot of resources out there for general security leaders, but healthcare has its own challenges that are unique to the industry. The mission is to provide services to those leaders in healthcare security, not only to help their organizations but to help security leaders personally. My involvement in CHIME over the years has shown me the value of building a strong network with CHIME’s members and foundation partners to collaborate, exchange ideas, and help develop effective use of information management to improve the delivery of healthcare services.
This year’s AEHIS Fall Summit will be held in San Antonio, TX on October 30-31, 2017. The agenda is focused on Security Risk Management and its integral role in the overall Risk Management program(s) within a healthcare organization. Some highlights of the agenda will include:
- Opening and closing keynote speakers – discussing a range of topics, from understanding advances in healthcare technology to hearing from a CHIME co-founder on “The Changing Role of the CIO and IT Executives.”
- Threat Prioritization, Best Practices, and New Insights – this topic will address strategies on how best to consume and prioritize threat information for the benefit of executive decision making and more resilient defense.
- Incident Response Strategy – this topic will highlight best practices in cyber incident response preparedness and provide you with an introspective focus for evaluating your organization’s response strategy.
- Effective Board Level Engagement – this topic will address assisting the Board in understanding that information risk management is part of an overall enterprise risk management program and is a critical success factor for CISOs today.
- HHS/OCR Audit – this topic will cover how to successfully prepare for an HHS audit and better understand what an audit entails, the protocols involved, requirements reviewed and common corrective actions that will better prepare your organization for a positive outcome.
The AEHIS Fall Summit is geared towards providing guidance, knowledge, and information to support the executives, corporate officers and cross-functional teams who face security risk management challenges each day. AEHIS’s education and events focus is to provide an executive level perspective on how to establish and maintain a security risk management program, how to prioritize security risk mitigation efforts and communicate program strategy as well as ROI and results, ultimately creating a security-aware, sustainable culture.