Fraud Management & Cybercrime , Healthcare , Industry Specific
Expanding Vendor Base, Shrinking Security Perimeter?
Hugo Lai of Temple University Health System on Vendor Management, Ransomware and AIRansomware remains a critical concern for healthcare systems, affecting the availability of patient care. Hugo Lai, CISO at Temple University Health System, said defenders need to understand the dependencies within business processes to effectively combat ransomware.
See Also: Effective Communication Is Key to Successful Cybersecurity
Recent highly disruptive, high-profile ransomware attacks, including those on Change Healthcare and Ascension Health, have prompted a reevaluation of vendor strategies. It's essential for organizations to have a robust incident response plan, particularly for attacks that disrupt clinical services or network connectivity, Lai said.
"The more vendors we use, the more work we have to do to validate the security postures of those additional vendors," he said. "We also have to think strategically of how these new vendors integrate with the existing environment. We want to make sure we are not creating a new problem by solving the existing problem."
In this video interview with Information Security Media Group at the 2024 Healthcare Cybersecurity Summit, Lai also discussed:
- The need for a balanced strategy for third-party vendor policies;
- Using AI to improve incident response times and effectiveness;
- The importance of fostering a strong cybersecurity culture across the workforce.
Lai has experience leading cybersecurity programs for healthcare organizations of different sizes. Prior to transitioning to healthcare, he was a cybersecurity consultant at Booz Allen Hamilton and Big Four consulting firms supporting commercial and government clients.