Information Sharing , Training & Security Leadership , Video
CyberEdBoard Insights: Phil Englert and Errol Weiss
Health-ISAC Experts on Obstacles to Sharing Healthcare Cybersecurity InformationTransparency is crucial in building cyber resilience, but healthcare organizations are often cautious about sharing critical information, fearing "it will come back to haunt them," said Errol Weiss, CSO at Health-ISAC. While reputational damage, legal issues and potential lawsuits prevent organizations from coming forward in the event of an attack, it is an important step to keep the industry secure from similar attacks. "To beat one of us, they have to beat all of us," said Phil Englert, vice president of medical device security at Health-ISAC.
See Also: OnDemand | 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk
The Health Information Sharing and Analysis Center advocates for transparency in sharing information about incidents, including anonymous sharing options to protect organizations. Shifting the focus from protecting assets to delivering patient care during cyberattacks is crucial, Englert said. By prioritizing business risk over legal concerns, healthcare organizations can improve incident response and build resilience.
"The information could potentially resonate with somebody else in this community, and they may have experienced that same event as well," Weiss said. "Organizations could benefit from those learnings. What did they do to mitigate that threat? What did they do to bring the systems up? Where were their priorities, and what other lessons could they benefit from?"
In this video interview with Information Security Media Group at the 2024 Healthcare Cybersecurity Summit, Weiss and Englert also discussed:
- Roadblocks that slow down incident response and preparedness for healthcare organizations;
- How the healthcare industry can overcome challenges in information sharing;
- How the intricate nature of healthcare networks and supply chains relates to effective incident response.
Englert has more than 30 years of technical and operational leadership experience in healthcare and life sciences. Prior to joining H-ISAC, he served as chief product officer for MedSec and was the global leader for medical device cybersecurity at Deloitte.
Weiss has more than 25 years of experience in information security. He began his career with the National Security Agency conducting penetration tests of classified networks, created and ran Citigroup's Cyber Intelligence Center and was a senior vice president executive with Bank of America's Global Information Security team. He is a member of the CyberEdBoard.
CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.