Fraud Management & Cybercrime , Healthcare , Industry Specific

Expanding Vendor Base, Shrinking Security Perimeter?

Hugo Lai of Temple University Health System on Vendor Management, Ransomware and AI
Hugo Lai, CISO, Temple University Health System

Ransomware remains a critical concern for healthcare systems, affecting the availability of patient care. Hugo Lai, CISO at Temple University Health System, said defenders need to understand the dependencies within business processes to effectively combat ransomware.

See Also: Effective Communication Is Key to Successful Cybersecurity

Recent highly disruptive, high-profile ransomware attacks, including those on Change Healthcare and Ascension Health, have prompted a reevaluation of vendor strategies. It's essential for organizations to have a robust incident response plan, particularly for attacks that disrupt clinical services or network connectivity, Lai said.

"The more vendors we use, the more work we have to do to validate the security postures of those additional vendors," he said. "We also have to think strategically of how these new vendors integrate with the existing environment. We want to make sure we are not creating a new problem by solving the existing problem."

In this video interview with Information Security Media Group at the 2024 Healthcare Cybersecurity Summit, Lai also discussed:

  • The need for a balanced strategy for third-party vendor policies;
  • Using AI to improve incident response times and effectiveness;
  • The importance of fostering a strong cybersecurity culture across the workforce.

Lai has experience leading cybersecurity programs for healthcare organizations of different sizes. Prior to transitioning to healthcare, he was a cybersecurity consultant at Booz Allen Hamilton and Big Four consulting firms supporting commercial and government clients.


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.