Data Loss and Prevention: Securing Hospitals from Data Breach through End Point Security NJHIMSS Security, Privacy and Compliance Taskforce Tom Bartiromo.

Presentation transcript:

Data Loss and Prevention: Securing Hospitals from Data Breach through End Point Security

NJHIMSS Security, Privacy and Compliance Taskforce

- Tom Bartiromo, Co-Chair: Saint Barnabas Healthcare System, VP & CTO; Livingston Services Corp, VP & CIO
- Vikas Khosla, Co-Chair: BluePrint Healthcare IT, President and CEO

November 23, 2010

Moderator:
- Mike Maksymow, MBA/TM, CPHIMS, Director, Information Services & Telecommunications, Robert Wood Johnson University Hospital Hamilton

Speakers:
- Hussein Syed, Director, IT Security, Saint Barnabas Healthcare System
- Phillip Curran, Chief Information Security Officer, Cooper University Hospital

Agenda
- Three areas of endpoint security
  - Endpoint health
  - Data security
  - Data Loss Protection/Prevention (DLP)
- Endpoint Security Lifecycle Management
- Helpful Links

Three Areas of Endpoint Security
- Endpoint health
- Data security
- Data Loss Protection/Prevention (DLP)

Endpoint Health

What?
- Anti-virus/spyware
- Malicious code/poorly developed programs
- Advanced Persistent Threats (APT)
- End user misuse

Why?
- To ensure uninterrupted service
- Data breach/exposure
- Regulatory compliance
- Loss of reputation
- Financial impact

Challenges
- Awareness/education
- Cost justification
- Support cost
- Management awareness
- Metrics

Data Security

What?
- Endpoint encryption
- Removable media encryption
- Asset tracking

Why?
- To prevent unauthorized access
- Breach notification exemptions

Challenges
- Adoption
- Password/key management
- Endpoint performance
- Cost

Data Loss Protection/Prevention (DLP)

What?
- Data at rest
- Data in motion
- Data in use

Why?
- Unauthorized access
- Data accounting and classification
- Visibility

Challenges
- Now you know, must do something
- Business units' buy-in

Endpoint Security Lifecycle Management

Governance & Management
- Policies
- R&D to develop an acceptable solution
- Intra-department collaboration
- Marketing of security programs

Operations
- Maintenance of infrastructure
- Incident handling

Useful Links
- 2010 HIMSS Security Survey
- Ponemon Institute Data Security, Breach and Prevention Whitepapers and Reports