Digital Transformation: A Secure Connected Healthcare Ecosystem
Digital transformation is creating numerous business opportunities touching every aspect of organizations. Capturing those opportunities requires navigating substantial business and technical challenges. Consumer devices and associated patient expectations are colliding with changing healthcare delivery channels and underlying enterprise systems. Industrial and consumer devices laden with internet-connected embedded processors are forming a vast IoT. Machine-learning and AI are also playing an increasingly prominent role, and these trends combined with powerful mobility, cloud and social trends, are creating ever more points of vulnerability and putting more data at risk. The challenges are heightened by increased threat actor capabilities evidenced in denial of service attacks from activists to ransomware incidents to “advanced persistent threats” involving government sponsorship. Going forward, it is not a question of if security failures could happen, but rather how we react when breaches or compromises occur — as much or more a question of detection, containment, and remediation as prevention.
The health ecosystem represents diverse participants from large multi-national corporations to individual practices: Care providers, outsourced service providers, pharmacies, pharmaceutical firms, claims processors, payers, device manufacturers, and other suppliers and vendors. Arguably more than any other value chain/network in any industry, these healthcare players must be able to share information and provide services securely in a world undergoing digital transformation. Intelligent adversaries exploiting vulnerabilities in any part of this ecosystem create incidents that rapidly propagate to unsuspecting members. Hospitals, suppliers and payers alike face risks ranging from theft of private information, hold-ups, denial of service attacks, and fraud. Providers and device manufacturers face risks from device compromise. Individuals face risks ranging from privacy violations to medical identity theft and personal harm. In the increasingly connected health delivery system, innovative solutions are required to ensure uninterrupted communications, service availability, and protection of critical individual, corporate or government data.
In this workshop, we will discuss what this means for organizations, but more specifically what it means for the health care ecosystem and our ability to address the challenges of interconnectivity and the idea that patient data should be able to flow to where it is needed. Specifically, we will address questions such as:
- What does the cyber landscape look like in healthcare? How different is it than 18 months ago? What business decisions towards digital transformation have you made? How is that transformation impacting your cyber/info security posture?
- How do the security trends for the different players in the industry / value chain differ? How do the differences effect the ability of the value network to function together? Are regulation and standards playing a positive role? How could industry collaboration mechanisms be better supported?
- How are the biggest concerns for your organizations changing? Holdups? Privacy breaches? Denial of service? Advanced persistent threats? Industrial espionage? Security of devices and control systems? Comprise of financial or payment systems?
- What are the particular cyber risks emanating from the migration to the cloud? What particular challenges does the growth of IoT bring?
- How do we secure patient data well enough to without hindering the flow of information to those who need it, including the patients?
- How can executives develop organizational capabilities to sense and respond to evolving vulnerabilities and threats? What governance approaches have been most successful?