Presentation is loading. Please wait.

Presentation is loading. Please wait.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

Published byChester White Modified over 9 years ago

Similar presentations

Presentation on theme: "GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015."— Presentation transcript:

1 GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc.
September 21, 2015

2 Cybersecurity Recent Events
State of Affairs: The health care industry accounted for 42.5% of all data breaches over the last three years, considerably more than any other sector of the economy, according to the Identity Theft Resource Center, and 91% of all health care organizations reported at least one data breach over the last two years according to usatoday.com. UCLA Health System – July 2015 million people Anthem Breach – February 2015 - 80 million social security numbers and other sensitive data Sony Entertainment – November 2014 - 10s of terabytes of confidential data Community Health Systems – August 2014 million patients

3 Cybersecurity Preparedness – Healthcare Source: HIMSS Cybersecurity Survey

4 Significant Threats: Top 10 – Healthcare Source: HIMSS Cybersecurity Survey

5 Most Common PHC Attacks
Ranked in Order Malicious Attachments in Corporate Malicious Web Links in Corporate Phishing and Spear Phishing s Public Facing Servers (DMZ) Personal Webmail

6 And When the Tools Fail? Incident Response Lifecycle
Stage I: Discovery & Reporting Stage II: Incident Response Team Investigation Stage III: Responding to the Incident Stage IV: Containment, Restoration, Recovery Stage V: Post Incident Review and Follow Up

7 Protect Against Attacks
Cyber Security Tools Firewall Rule Management Intrusion Prevention and Detection systems (IPS/IDS) Content Filtering and Encryption Internet Content Filtering Anti-virus Programs Server Operating System Patch Monitoring and Deployment Secure (Data) File Transfer Protocols (SFTP)

8 Closing the Gaps 3rd Party Help
24/7 log monitoring and incident escalation More Information Security Staff Evaluate Current Security Tools Security Tool Configuration Assessment Implement a Vulnerability Management Program

9 Strategic Cyber Security Initiatives
Trend Deep Discovery Specialized threat detection technology and proactive process of real-time threat management through the monitoring of network traffic Detects and Protects Against • APTs and targeted attacks • Zero-day malware and document exploits • Attacker network activity • Web threats (exploits, drive-by-downloads) • threats (phishing, spear phishing) • Data exfiltration • Bots, trojans, worms, keyloggers • Disruptive applications

Download ppt "GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015."

Similar presentations

Incident Response Managing Security at Microsoft Published: April 2004.

Incident Response Managing Security at Microsoft Published: April 2004.
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
David A. Brown Chief Information Security Officer State of Ohio

David A. Brown Chief Information Security Officer State of Ohio
Security Controls – What Works

Security Controls – What Works
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
LittleOrange Internet Security an Endpoint Security Appliance.

LittleOrange Internet Security an Endpoint Security Appliance.
E-Commerce Security and Fraud Issues and Protections

E-Commerce Security and Fraud Issues and Protections
Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.
INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.

INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.
HEALTHCARE BREACHES Andrew Kuebler MIS 534 April 15, 2015.

HEALTHCARE BREACHES Andrew Kuebler MIS 534 April 15, 2015.
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions 631-692-5175 Steve Katz, CISSP Security.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Similar presentations

Ads by Google