Assembly Recap: Transformational CISO & CISO Healthcare

  • By Elizabeth Radziul
  • on February 26, 2021

Cybersecurity leaders have been brought to the forefront of their organizations in the wake of ongoing disruption, which is why we were excited to host our Transformational CISO & CISO Healthcare Virtual Assembly this week. It was an engaging two days filled with interactive workshops and keynotes, C-Suite networking, and peer-to-peer problem solving on the most pertinent topics within cybersecurity today.

In case you missed it…

What We Learned From Our Keynote Speakers


Sujeet Bambawale, CISO at 7-Eleven, started off this two-day event with an engaging Keynote on what’s ahead in cybersecurity. Threat intelligence is on the rise, paving the way for attack simulations in order to meet increasing expectations. This will allow security teams to test efficacy in real-time against the latest threats. Sujeet also touched on a subject that proved to be a theme throughout the remainder of the Assembly: rapidly changing talent pipelines and the importance of diversity of experience and background within cybersecurity teams.

Our day two Opening Keynote Panel was led by Diana Burley, Vice Provost for Research at American University, and featured panelists Ann Hines, Business Information Security Officer, Principal, USAA; Shefali Mookencherry, CISO, Edward-Elmhurst Healthcare; Brian Mork, CISO, Westinghouse Electric Company; and Devin Shirley, CISO, Arkansas Blue Cross Blue Shield. The panel focused on rethinking data governance frameworks in the midst of constant disruption. Shared insights included the need for more stringent asset management, building trust with vendors and maintaining control over subcontractors, and adequately training staff on security in a remote setting. Our panelists also noted that remote work is not new, but the scale at which it is currently implemented is, which means that security must be part of the overall workplace culture.

Chris Leach from Cisco led an interactive discussion on what it means to be a CISO for change. The CISO is responsible for managing security, but security is a team effort. That’s why CISOs need to act as thought leaders and involve other leaders within the organization in order to lead valuable change. CISOs are often viewed as the “no” people, but with the right collaboration, they can be the force behind change.

Engaging C-Suite Discussions

Tim Rohrbaugh, Chief Information Security Officer at JetBlue Airways Corporation, discussed the Kaizen approach to security program improvement. This approach focuses on incremental, measurable changes that affect threat actors’ cost or value proposition, or address their motivations. The incremental change prevents the fear associated with long-term change, and Threat-Informed Defense speeds up response times to quickly changing threats. The concept’s ultimate goal is to improve visibility in order to eventually automate response.


Next up, Jim Rutt, Chief Information Officer and Chief Information Security Officer, Dana Foundation, led a discussion on a risk management approach to allocating budget. He notes that while risk cannot be completely eliminated, it can be reduced as much as possible to an acceptable level with proper qualitative and quantitative analysis. Risk mitigation can feel like a daunting task, but basic risk formulas can help give you a better understanding of your situation.

Robert Pace from Invitation Homes addressed the big threat: endpoint security. He stresses the importance of going back to the basics and determining the right “tools of choice” within your organization. Discussions on configuration, strategy, budget, and reporting are essential before new technology is introduced, but also for existing systems that need enhancement. 

Ed Harris from Mauser Packaging led an interactive session on becoming a 2.0 CISO. His advice is to use four simple tools. First, hiring smart people creates a strong team capable of bringing new ideas and value. Second, creating visibility is key because identifying anomalies requires understanding your baseline. Next, personal R&D teams can utilize think tanks and resources to problem-solve and stay on top of new developments in cybersecurity. Finally, it is important for CISOs to not just understand security and information system language, but also business language in order to make decisions on behalf of the business and move up in their organization.

For the final session of the Assembly, Benjamin Corll, CISO at Coats, addressed automation’s role in cybersecurity. Automation can be useful in reducing alert fatigue, filling the gaps where there is a lack of resources, and creating the consistency that the human element lacks. While there is still room for growth and improvement in automation, the only way to progress is to start implementing it.

Insights From Our Solution Providers

Sophos

Our partners at Sophos led the discussion on targeted ransomware. The best way to combat these targeted attacks is to understand how they are conducted by hackers. The key is to keep your guard up and be on the lookout for attacks that take place when the organization is most vulnerable.

Abnormal Security

Roman Tobe from Abnormal Security gave us the intel on Vendor Account Compromise, including how hackers gain access to accounts and how to stop them. It is important for organizations to understand common communication practices in order to more easily detect anomalies and stop them before they wreak havoc on vendor accounts.

Palo Alto Networks

Bruce Hembree from Palo Alto Networks noted that while people take time off, cyber threats are constant. That’s why Palo Alto Networks assesses organizations dynamically and in real time, and automatically responds to active threats. An automation funnel is used in order to handle a large volume of alerts and avoid major incidents.

Fortinet

Troy Ament and Jay Mervis from Fortinet led a workshop on evolving threats within healthcare. Between increased virtual visits and the rise of AI and Machine Learning, there is no doubt that digital innovation is causing an increase in cyber threats. That is why it is important for leaders to integrate network solutions with security policies. 

BeyondTrust

Chris Hills from BeyondTrust explains how you can switch from a reactive to a preventative approach to endpoint security. As threats continue to evolve, endpoints are becoming more complex, which leaves companies needing to do more with less. Furthermore, the “new normal” has created a perfect storm for privilege abuse. Because of this, organizations need complete endpoint security that acts as an ecosystem, not a single solution. One key part of creating a secure ecosystem is removing admin rights from the end user and giving them just enough privileges to do their job.

Qualys

Jeremy Briglia from Qualys notes that it is important to create an automated system without increasing associated risks. Continuous risk assessment can help ensure risks do not slip through the cracks. Asset inventory, vulnerability and configuration assessment, patch management, and threat risk and prioritization are essential to mitigating these risks. 

And the Winner of The Millennium Mission Prize is…

Mario Memmo

The Millennium Alliance will donate $1,000 on behalf of Mario Memmo to the charity of his choice. Mario won this award as a part of The Millennium Alliance’s new initiative, Millennium Mission, in which we donate to charities such as AdoptAClassroom.org, Feeding America, The Miracle Walk, the U.S. Coronavirus Emergency Response, and others on behalf of the most engaged attendee for each event. We are excited to make a donation in Mario Memmo’s name!

Don’t miss out on the next Transformational CISO Assembly! Join us on April 27th for our Transformational CISO Assembly & CISO Financial Services Virtual Assembly. Go here to RSVP.
