A few months ago, security leaders around the world faced an unprecedented challenge in addressing threats and challenges related to a global pandemic. In the healthcare space, CISOs juggled a spike in cyberattacks, newly remote employees, and securing healthcare institutions.
For Mike Gregory, CISO at Community Health NW Indiana, the biggest problems were strategic.
"It was just triage after triage," he said during a virtual roundtable of healthcare CISOs hosted today by Proofpoint. The security team was working to protect remote employees, ensure hospital providers could do their jobs, monitor threat intelligence feeds, and keep up with essential operations.
The transition to remote work was significant. CISOs faced challenges related to endpoint protection, establishing virtual private networks, and training employees in security practices. Gregory's team was tasked with extending infrastructure out to the remote workforce and coping with remote filtering, he said. Without a large gateway, they couldn't monitor all of their activity, such as websites they visit or activities they're running that could distract from their work.
Roughly 40% of the workforce at Seattle Children's pivoted to remote work as a result of the pandemic, said CISO Gary Goode. When they did, he said, the organization provided end-user training for certain types of roles depending on how that person interacted with their email.
The auditing department and executive leadership, for example, were trained in recognizing threats to improve awareness of malicious emails they might receive. Most of the attacks in the environment targeted accounts payable, specifically getting them to change payment data. In addition to raising awareness, Goode implemented a system of checks and balances: If there is a ..
Support the originator by clicking the read the rest link below.
