Recovering from a Healthcare Data Breach
with the NIST Cyber Security Framework
*Part 6 of the NIST CSF for Healthcare Webinar Series
Ken Durbin, CISSP
Strategist, CRM and Threat Intel
Symantec
17-October-2017
Axel Wirth, CPHIMS, CISSP, HCISPP
Distinguished Healthcare Architect
Symantec
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY
NIST CSF/Healthcare Webinar Series
Overview February 9, 2017 Recording Available Online*
Identify June 1st, 2017 Recording Available Online*
Protect July 13th, 2017 Recording Available Online*
Detect August 17, 2017 Recording Available Online*
Respond September 12, 2017 Recording Available Online*
Recover October 17, 2017 Today’s Webinar
Recap December 5, 2017 Registration Open*
* https://resource.elq.symantec.com/LP=4235
NIST CSF “Recover” - Agenda
1. Compliance vs. Security in Healthcare
2. Why NIST CSF for Healthcare?
3. Deep Dive: “Recover” function
4. Implementing “Recover” and Addressing Key Requirements
5. NIST CSF and HIPAA
6. Summary & Discussion
Three Facts about Today’s Cybersecurity
1. Security is always a balancing act (that’s why we have Risk Analysis).
"If we guard our toothbrushes and diamonds with equal zeal,
we will lose fewer toothbrushes and more diamonds."
McGeorge Bundy, U.S. National Security Advisor to Presidents Kennedy and Johnson
Testimony to Congress, March 1989.
2. Today’s fight against cybercriminals pits finite resources (us)
against infinite creativity (them).
3. Cybersecurity is no longer a device problem, it is a system problem.
It is no longer an enterprise problem, it is a problem for global
economies and national security.
The Economics of Cybersecurity
Investment (Gartner), growing at x% per year (x < 10):
• 2017: $86.4 billion (up 7% over 2016)
• 2018: expected to reach $93 billion
Losses (Cybersecurity Ventures), growing by multiples:
• ~$3 trillion today (others estimate at $1T)
• 2021: expected to reach $6 trillion
Securing Healthcare – Why is it so Hard?
• Enforcing compliance / security may conflict with care
delivery (usability, ease of access, user acceptance, …)
• Complex organizations with complex decision making
• Disparate technology platforms driven by:
• Clinical preference
• Vendor mandate
• Regulatory mandates slow down change
• Conservative decision making – err on the side of safety
• History and culture:
• Compliance viewed as security
• Or even: compliance over security
• Traditionally:
• Underinvested in cybersecurity
• Lack of board and executive leadership
The Healthcare Folly – Compliance over Security
Blame it on HIPAA (Security Rule):
• Compliance is not Security (although related)
• HIPAA is just the Baseline (says HHS!)
• It’s a Regulation, not a Framework
• C-I-A of ePHI = limiting our risk scope (think: medical devices)
• … and it’s so 2003, really
Risk Analysis – often well-intended, but ….
• Incomplete: Assets, information, usage
• Infrequent: Annually … really?
• Serving just one regulation (HIPAA, PCI, …)
• Inconsistent: no traceability between RA’s
• Lack of metrics and measurements
• Self-serving: Checklist approach
• Manual: It’s in a binder, somewhere
• Not followed through – lack of mitigation!
Cybersecurity in Healthcare – An Imperative for Action
From: 2017 HIMSS Cybersecurity Survey (Aug. 2017)
• 72% of organizations spend 6% or less of their budget on security.
• Annual Risk Analysis only – leads to the conclusion that security is still compliance driven and not security driven.
• NIST CSF has become the most adopted security framework!
Changing Risk Priorities
A New Balance Between Compliance and Security
• Healthcare has undergone a Paradigm Shift. Traditionally:
• HIPAA-driven priorities: Confidentiality, Integrity, Availability
• Checklist approach - satisfy the auditor
• Over the past 2-3 years, Availability has become a growing concern
• Ransomware impacted information access and therefore clinical workflows
• WannaCry shut down hospitals (UK NHS)
• Medical Device incidents have impacted care delivery
• And we are starting to understand the Integrity problem
• Again, Medical Devices (hacks that could kill – but research only so far)
• Risk to critical systems and data … and Patient Trust
• Even just the perception of Loss of Integrity is a problem
Changing Risk Priorities – Supporting Examples
Changing Risk Priorities
• Shifting Priorities
• From accidental incidents to targeted and malicious attacks
• Criminal and politically motivated attacks, targeting Devices, Information, Trust
Strict Regulatory Controls need to be balanced with Nimble Security

       | Confidentiality                              | Availability                    | Integrity
Past   | Lost or stolen devices                       | Technical failure               | Accidental alteration of data
Now    | Financially motivated; criminal intent       | Care delivery: ransomware,      | Targeted attacks: intent to harm, create doubt
       | (ransom, blackmail); political attacks       | medical devices                 | in data (and in the larger healthcare system)
       | (nations, hacktivists)                       |                                 |
Why a Security Framework for Healthcare?
After all, we already have HIPAA ….
• HIPAA, specifically the Security and Privacy Rules:
• High-level regulatory requirements – defines “what” but not “how”
• And really, it is a decade+ old ….. meaning not well aligned with today's cyber threats
• Limited to PHI – your security problem is much larger (non-PHI, patient safety, care operations,
business & financial data, research & intellectual property, ….)
• HIPAA provides a set of abstract compliance requirements:
• Require interpretation
• Scalable based on type of provider and risk
• Security Frameworks in general, and the NIST Cybersecurity Framework (CSF) in
particular, fill that gap.
• NIST CSF makes academic and abstract compliance requirements implementable,
leading to tangible security.
• HIPAA is the target, NIST CSF the tool!
WHAT IS THE NIST CSF?
The National Institute of Standards and Technology (NIST) Cybersecurity Framework
(CSF) is a set of industry standards and best practices to help organizations manage
cybersecurity risks.
• Usage is voluntary, although incentives may emerge.
• Common, flexible, and adaptable structure that can be used by all organizations.
• Creation of NIST CSF was a collaborative process between the government and
the private sector.
• Symantec participated throughout the development of the framework
WHY NIST CSF?
DESCRIBE: current state; target state
IDENTIFY: priorities; processes
ASSESS: progress towards target state
COMMUNICATE: internally and externally
FRAMEWORK COMPONENTS
Framework Core: Set of activities, desired outcomes, and applicable references common across critical infrastructure sectors
Framework Implementation Tiers: Provides context on how an organization views cybersecurity risk and the processes in place to manage that risk
Framework Profile: Alignment of standards, guidelines, and practices to the Framework Core in a particular implementation scenario
FRAMEWORK CORE
Functions: High-level cybersecurity goals (Identify, Protect, Detect, Respond, Recover)
Categories: Subdivision of Functions into groups of cybersecurity outcomes
Subcategories: Further subdivide Categories into specific outcomes
Informative References: Existing controls used to implement a Subcategory
FUNCTIONS (Core)
ID Identify   What assets need protection?
PR Protect    What safeguards are available?
DE Detect     What techniques can identify incidents?
RS Respond    What techniques can contain impacts of incidents?
RC Recover    What techniques can restore capabilities?
INFORMATIVE REFERENCES (Core)
Function: Recover (RC)
Category: Recovery Planning (RC.RP)
Subcategory: RC.RP-1: Recovery plan is executed during or after an event
Informative References:
• CCS CSC 8
• COBIT 5 DSS02.05, DSS03.04
• ISO/IEC 27001:2013 A.16.1.5
• NIST SP 800-53 Rev. 4 CP-10, IR-4, IR-8
Note: in the Framework’s informative references “CCS CSC” stands for the Council on CyberSecurity Critical Security Controls; it is not the Symantec Control Compliance Suite, which this deck also abbreviates as CCS.
FRAMEWORK PROFILE
Where are we? Where do we want to be? Where are my Gaps?
• ALIGNMENT of Functions, Categories, and Subcategories with business requirements, risk tolerance, and organizational resources
• ENABLES the organization to establish a roadmap for reducing risk that is well aligned with organizational goals, regulations, industry best practices, and risk priorities
• MULTIPLE profiles within an organization, aligned with particular components, are possible
FRAMEWORK TIERS
Tier 1 Partial: The organization has not yet implemented a formal, threat-aware risk management process to determine a prioritized list of cybersecurity activities
Tier 2 Risk Informed: The organization uses a formal, threat-aware risk management process to develop a Profile of the Framework
Tier 3 Repeatable: The organization updates its Profile based on regular application of its risk management process to respond to a changing cybersecurity landscape
Tier 4 Adaptive: The organization updates its Profile based on predictive indicators derived from previous and anticipated cybersecurity activities
Tier Selection Process
• CONSIDER the organization’s current risk management practices, threat environment, legal and regulatory requirements, business/mission objectives, and organizational constraints
• DETERMINE the desired Tier based on meeting goals, feasibility to implement, and reduction of risk to acceptable levels
• LEVERAGE external guidance to help with tier selection
FRAMEWORK CYCLE
Step 1: Prioritize and Scope – Identify business/mission objectives and high-level organizational priorities
Step 2: Orient – Identify related systems, regulatory requirements, and overall risk approach
Step 3: Create a Current Profile – Identify which Category and Subcategory outcomes from the Framework Core are currently being achieved
Step 4: Conduct a Risk Assessment – Incorporate emerging risks and threat/vulnerability data to determine the likelihood and impact of a cybersecurity event
Step 5: Create a Target Profile – Create a target profile describing the organization’s desired cybersecurity outcomes
Step 6: Determine, Analyze, and Prioritize Gaps – Compare the Current Profile and the Target Profile to determine gaps
Step 7: Implement Action Plan – The organization determines which standards, guidelines, and practices work best for its environment
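Steps 3 to 6 of the cycle, worked through for the six “Recover” subcategories, as an added example; this is not code from the webinar or from any Symantec product. It assumes that a Current Profile and a Target Profile can be recorded as one tier number per subcategory (0 = outcome not addressed, 1 to 4 = the Implementation Tiers) and that the risk assessment of Step 4 yields a likelihood and an impact score per outcome; the tier numbers and scores below are constructed for illustration. The gap list is the input to the action plan of Step 7, and outcomes that sit above their target are flagged separately, because spending there is the toothbrush being guarded like a diamond.

```python
"""Gap analysis between a Current Profile and a Target Profile for the
NIST CSF "Recover" function (Framework Cycle steps 3 to 6).

Added example; the numeric tier scale, the risk scores and the sample
profile below are constructed for illustration, not taken from the webinar.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Outcome:
    """One Framework Core subcategory with its position in both profiles."""
    subcategory: str   # CSF identifier, e.g. "RC.RP-1"
    description: str
    current: int       # Current Profile: tier 0 (not addressed) .. 4 (Adaptive), assumed scale
    target: int        # Target Profile: desired tier on the same scale
    likelihood: int    # from the risk assessment, 1 (rare) .. 5 (expected), assumed scale
    impact: int        # 1 (negligible) .. 5 (care delivery stops), assumed scale

    def gap(self) -> int:
        """Positive: under-invested; zero: on target; negative: over-invested."""
        return self.target - self.current

    def risk(self) -> int:
        return self.likelihood * self.impact

    def priority(self) -> int:
        """Gap weighted by risk, so a small gap on a high-risk outcome still ranks high."""
        return max(self.gap(), 0) * self.risk()


def prioritize(outcomes):
    """Action plan input: outcomes with a positive gap, highest priority first (ties by ID)."""
    return sorted((o for o in outcomes if o.gap() > 0),
                  key=lambda o: (-o.priority(), o.subcategory))


def over_invested(outcomes):
    """Outcomes whose current tier exceeds the target: candidates to redirect budget from."""
    return [o for o in outcomes if o.gap() < 0]


def action_plan(outcomes) -> str:
    """Render the prioritized gap list as a plain-text report for stakeholders."""
    lines = [f"{'ID':9} {'cur':>3} {'tgt':>3} {'gap':>3} {'risk':>4} {'prio':>4}  description"]
    for o in prioritize(outcomes):
        lines.append(f"{o.subcategory:9} {o.current:>3} {o.target:>3} {o.gap():>3} "
                     f"{o.risk():>4} {o.priority():>4}  {o.description}")
    for o in over_invested(outcomes):
        lines.append(f"{o.subcategory:9} over target by {-o.gap()} tier(s): {o.description}")
    return "\n".join(lines)


# Constructed sample profile for the six Recover subcategories (CSF v1.0 wording).
# Ransomware makes RC.RP-1 the highest-likelihood, highest-impact outcome here.
RECOVER_PROFILE = [
    Outcome("RC.RP-1", "Recovery plan is executed during or after an event", 1, 3, 4, 5),
    Outcome("RC.IM-1", "Recovery plans incorporate lessons learned", 1, 3, 3, 3),
    Outcome("RC.IM-2", "Recovery strategies are updated", 2, 3, 3, 3),
    Outcome("RC.CO-1", "Public relations are managed", 2, 2, 2, 4),
    Outcome("RC.CO-2", "Reputation after an event is repaired", 1, 2, 2, 4),
    Outcome("RC.CO-3", "Recovery activities are communicated to internal stakeholders "
                       "and executive and management teams", 3, 2, 2, 2),
]

if __name__ == "__main__":
    print(action_plan(RECOVER_PROFILE))
```

With the sample profile the plan ranks RC.RP-1 first (gap 2, risk 20, priority 40), then RC.IM-1, RC.IM-2 and RC.CO-2; RC.CO-1 is on target and is omitted, and RC.CO-3 is reported as over target. Re-running the script after each round of mitigation, with updated tiers, is the “repeatable” behaviour the Tier 3 description asks for.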
NIST Cyber Security Framework – Core Functions
IDENTIFY – What assets need protection?
• Asset Management
• Business Environment
• Governance
• Risk Assessment
• Risk Mgmt. Strategy
• Supply Chain Risk Mgmt. (new under CSF 1.1 draft)
PROTECT – What safeguards are available?
• Access Control
• Awareness & Training
• Data Security
• Info Protection & Procedures
• Maintenance
• Protective Technology
DETECT – What techniques can identify incidents?
• Anomalies & Events
• Security Continuous Monitoring
• Detection Processes
RESPOND – What techniques can contain impacts?
• Response Planning
• Communications
• Analysis
• Mitigation
• Improvements
RECOVER – What techniques can restore capabilities?
• Recovery Planning
• Improvements
• Communications
Framework Core - Recover
Function: Recover (RC)
Category: Recovery Planning (RC.RP)
• RC.RP-1 Recovery plan is executed during or after an event
Category: Improvements (RC.IM)
• RC.IM-1 Recovery plans incorporate lessons learned
• RC.IM-2 Recovery strategies are updated
Category: Communications (RC.CO)
• RC.CO-1 Public relations are managed
• RC.CO-2 Reputation after an event is repaired
• RC.CO-3 Recovery activities are communicated to internal stakeholders and executive and management teams
Data Breach Cost and Root Cause
2017 Cost of Data Breach Study - United States
Ponemon Institute, June 2017
Symantec Alignment to CSF “Recover” Function
• Recovery Planning: Control Compliance Suite (CCS), Cyber Security Services (CSS), Incident Response (IR)
• Improvements: CCS, CSS, IR
• Communications: CSS, IR
NIST CSF Applicable Security Technologies
Product | Short Description | NIST CSF “Recover”
Control Compliance Suite (CCS) | Automates IT Governance, Compliance and Risk Management. Enables continuous risk assessment and a unified view of security controls and vulnerabilities. | Define and manage detection processes, roles & responsibilities. Identify and prioritize vulnerabilities.
Cyber Security Services (CSS) | Threat intelligence, security monitoring, skills development, and incident response. | Minimize detection and response times, become proactive about emerging threats, and respond effectively to incidents.
Incident Response (IR) | Remote and on-site investigation, analyze root cause and impact of a security incident, return to operations. Support executive management and communications. | Perform forensic procedures to collect, preserve, and analyze evidence; determine cause, timeline, and impact.
NIST Cybersecurity Framework – Symantec Alignment
Identify
• Asset Management: CCS, EPM, DLP, CASB
• Business Environment: CCS, (EPM)
• Governance: CCS, (VIP)
• Risk Assessment: CCS, EPM, ATP, CSS, IR
• Risk Mgmt. Strategy: CCS, DeepSight
• Supply Chain Risk Mgmt. **: CCS, (EPM), CSS, IR
Protect
• ID Mgmt. & Access Ctrl.: VIP, SEP, ATP, CASB
• Awareness & Training: CCS, CSS (skills & awareness)
• Data Security: VIP, DLP, Encr., SEP, ATP, Proxy, CASB
• Information Protection P&P: CCS, EPM, CSS, IR
• Maintenance: EPM, VIP, SEP, CASB
• Protective Technology: VIP, DLP, SEP, ATP, Proxy
Detect
• Anomalies & Events: ATP, CSS, Email/Web, Proxy, CASB
• Security Monitoring: VIP, SEP, ATP, Email/Web, Proxy, CASB, CCS
• Detection Process: CCS, ATP, CSS, Sec. Analytics
Respond
• Response Planning: CCS, CSS, IR
• Communications: CCS, CSS, IR
• Analysis: CSS, IR
• Mitigation: SEP, ATP, Proxy, IR
• Improvements: EPM, DLP, SEP, ATP, CSS, IR
Recover
• Recovery Planning: CCS, CSS, IR
• Improvements: CCS, CSS, IR
• Communications: CCS
** = new under CSF v1.1
NIST Cybersecurity Framework – Symantec Alignment (Acronyms)
• ATP: Advanced Threat Protection
• CASB: Cloud Access Security Broker
• CCS: Control Compliance Suite
• CSS: Cyber Security Services
• DeepSight: Threat Intelligence
• DLP: Data Loss Prevention
• Email/Web: Email/Web Security
• Encr.: Symantec Encryption Solutions
• EPM: Endpoint Management (Altiris)
• IR: Incident Response
• MSS: Managed Security Services
• Proxy: ProxySG Gateway
• Sec. Analytics: Security Analytics
• SEP: Symantec Endpoint Protection
• VIP: Validation & ID Protection
Why is Healthcare so bad at IT Risk Management?
Common Challenges:
• Lack of understanding at the senior management and board-level
• Not recognizing their responsibility: define governance, risk-
tolerance, budget, staffing
• Not speaking the same language: IT explains risks in terms of
technology, not in business terms
• Growing interconnection between technology and business risks
• How long can you operate without your EHR, PACS …. or email?
• There is increasing pressure to disclose technology risk
• Federal and State
• Lack of visibility into key business relationships with third parties
• Business Associates post-Omnibus
• Supply chain
Is there a standing security report presented at each board meeting? (N = 100)
• Yes: 34.0%
• No: 47.0%
• Don't Know: 19.0%
1/3 of responding organizations have security reports at each board meeting.
Only 10% reported security presentations at each board meeting in 2015*
*question was asked differently in 2015 and 2016
Source: “Operationalizing Cybersecurity in Healthcare – 2017 Security & Risk Management Study”; HIMSS Analytics, Symantec
NIST CSF and HIPAA
HIPAA Security Rule Crosswalk to NIST Cybersecurity Framework
The CSF “Recover” Function is aligned with the HIPAA Security Rule requirements for:
• Security incident response and reporting
• Contingency planning and operations
• Periodic evaluation
• Disaster recovery planning
HIPAA mapping as provided by the Department of Health and Human Services:
https://www.hhs.gov/sites/default/files/nist-csf-to-hipaa-security-rule-crosswalk-02-22-2016-final.pdf
Informative References (example) – Core
For detailed standards and compliance mapping see NIST CSF
Function: Recover (RC)
Category: Recovery Planning (RC.RP)
Subcategory: RC.RP-1: Recovery plan is executed during or after an event
Informative References:
• CCS CSC 8
• COBIT 5 DSS02.05, DSS03.04
• ISO/IEC 27001:2013 A.16.1.5
• NIST SP 800-53 Rev. 4 CP-10, IR-4, IR-8
• HIPAA Security Rule 45 C.F.R. §§ 164.308(a)(7), 164.310(a)(2)(i)
Using NIST CSF to Make Compliance and Security Work
• Define current state, gaps, and goals
• Implement an action plan, based on priorities
• Define the process, make it reliable and reproducible
• Meet multiple security and compliance objectives
• Meet the needs of all stakeholders
• Test, practice, and improve
• Make complexity manageable
• Measure and communicate
Thank You!

New technologies - Amer Haza'a
 
Optimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessOptimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to Success
 
Implementing a Security Management Framework
Implementing a Security Management FrameworkImplementing a Security Management Framework
Implementing a Security Management Framework
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Webinar-MSP+ Cyber Insurance Fina.pptx
Webinar-MSP+  Cyber Insurance Fina.pptxWebinar-MSP+  Cyber Insurance Fina.pptx
Webinar-MSP+ Cyber Insurance Fina.pptx
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomware
 
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
Cisco Connect 2018 Malaysia - Cisco incident response services-strengthen you...
 
Fdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessmentsFdic ffiec cyber_security_assessments
Fdic ffiec cyber_security_assessments
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the Union
 
w-cyber-risk-modeling Owasp cyber risk quantification 2018
w-cyber-risk-modeling Owasp cyber risk quantification 2018w-cyber-risk-modeling Owasp cyber risk quantification 2018
w-cyber-risk-modeling Owasp cyber risk quantification 2018
 
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof...
 
SBIC Enterprise Information Security Strategic Technologies
SBIC Enterprise Information Security Strategic TechnologiesSBIC Enterprise Information Security Strategic Technologies
SBIC Enterprise Information Security Strategic Technologies
 
CCA study group
CCA study groupCCA study group
CCA study group
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech Talk
 
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room:  Practical Application of the NIST Cybersecurity Frame...Boardroom to War Room:  Practical Application of the NIST Cybersecurity Frame...
Boardroom to War Room: Practical Application of the NIST Cybersecurity Frame...
 
Cisco Connect 2018 Singapore - Cisco Incident Response Services
Cisco Connect 2018 Singapore - Cisco Incident Response ServicesCisco Connect 2018 Singapore - Cisco Incident Response Services
Cisco Connect 2018 Singapore - Cisco Incident Response Services
 
CHIME LEAD Fourm Houston - "Case Studies from the Field: Putting Cyber Securi...
CHIME LEAD Fourm Houston - "Case Studies from the Field: Putting Cyber Securi...CHIME LEAD Fourm Houston - "Case Studies from the Field: Putting Cyber Securi...
CHIME LEAD Fourm Houston - "Case Studies from the Field: Putting Cyber Securi...
 
Cyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadCyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor upload
 

More from Symantec

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 

More from Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Recently uploaded

The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is insideshinachiaurasa2
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech studentsHimanshiGarg82
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrandmasabamasaba
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfryanfarris8
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdfPearlKirahMaeRagusta1
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfonteinmasabamasaba
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...Jittipong Loespradit
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfayushiqss
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfVishalKumarJha10
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxalwaysnagaraju26
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 

Recently uploaded (20)

The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 

How to Use the NIST CSF to Recover from a Healthcare Breach

• 5. The Economics of Cybersecurity
Investment (Gartner):
• 2017: $86.4 billion (up 7% over 2016)
• 2018: expected to reach $93 billion
Losses (Cybersecurity Ventures):
• ~$3 trillion today (others estimate $1 trillion)
• 2021: expected to reach $6 trillion
Investment is growing at x% per year (x < 10); losses are growing by multiples.
• 6. Securing Healthcare – Why is it so Hard?
• Enforcing compliance / security may conflict with care delivery (usability, ease of access, user acceptance, …)
• Complex organizations with complex decision making
• Disparate technology platforms driven by:
  • Clinical preference
  • Vendor mandate
• Regulatory mandates slow down change
• Conservative decision making – err on the side of safety
• History and culture:
  • Compliance viewed as security
  • Or even: compliance over security
• Traditionally:
  • Underinvested in cybersecurity
  • Lack of board and executive leadership
• 7. The Healthcare Folly – Compliance over Security
Blame it on HIPAA (Security Rule):
• Compliance is not Security (although related)
• HIPAA is just the Baseline (says HHS!)
• It’s a Regulation, not a Framework
• C-I-A of ePHI = limiting our risk scope (think: medical devices)
• … and it’s so 2003, really
Risk Analysis – often well-intended, but …
• Incomplete: assets, information, usage
• Infrequent: annually … really?
• Serving just one regulation (HIPAA, PCI, …)
• Inconsistent: no traceability between RAs
• Lack of metrics and measurements
• Self-serving: checklist approach
• Manual: it’s in a binder, somewhere
• Not followed through – lack of mitigation!
• 8. Cybersecurity in Healthcare – An Imperative for Action
From: 2017 HIMSS Cybersecurity Survey (Aug. 2017)
• 72% of organizations spend 6% or less of their budget on security.
• Risk Analysis is still performed annually – which leads to the conclusion that it is still compliance driven, not security driven.
• NIST CSF has become the most adopted security framework!
• 9. Changing Risk Priorities – A New Balance Between Compliance and Security
• Healthcare has undergone a paradigm shift. Traditionally:
  • HIPAA-driven priorities: Confidentiality, Integrity, Availability
  • Checklist approach – satisfy the auditor
• Over the past 2-3 years, Availability has become a growing concern
  • Ransomware impacted information access and therefore clinical workflows
  • WannaCry shutdown of hospitals (UK NHS)
  • Medical device incidents have impacted care delivery
• And we are starting to understand the Integrity problem
  • Again, medical devices (hacks that could kill – but research only so far)
  • Risk to critical systems and data … and patient trust
  • Even just the perception of loss of integrity is a problem
• 10. Changing Risk Priorities – Supporting Examples
[Slide consists of example images only; no text transcribed]
• 11. Changing Risk Priorities
Strict regulatory controls need to be balanced with nimble security.
• Shifting priorities:
  • From accidental incidents to targeted and malicious attacks
  • Criminal or politically motivated attacks, targeting devices, information, and trust

                  Past                             Now
Confidentiality   Lost or stolen devices           Financially motivated; criminal intent (ransom, blackmail); political attacks (nations, hacktivists)
Availability      Technical failure                Care delivery: ransomware, medical devices
Integrity         Accidental alteration of data    Targeted attacks: intent to harm, create doubt in data (and in the larger healthcare system)
  • 13. Why a Security Framework for Healthcare? After all, we already have HIPAA …
    • HIPAA, specifically the Security and Privacy Rules:
      • High-level regulatory requirements – defines “what” but not “how”
      • And really, it is a decade+ old … meaning not well aligned with today's cyber threats
      • Limited to PHI – your security problem is much larger (non-PHI, patient safety, care operations, business & financial data, research & intellectual property, …)
    • HIPAA provides a set of abstract compliance requirements:
      • Require interpretation
      • Scalable based on type of provider and risk
    • Security Frameworks in general, and the NIST Cybersecurity Framework (CSF) in particular, fill that gap.
    • NIST CSF makes academic and abstract compliance requirements implementable, leading to tangible security.
    • HIPAA is the target, NIST CSF the tool!
  • 14. WHAT IS THE NIST CSF?
    The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is a set of industry standards and best practices to help organizations manage cybersecurity risks.
    • Usage is voluntary, although incentives may emerge.
    • Common, flexible, and adaptable structure that can be used by all organizations.
    • Creation of NIST CSF was a collaborative process between the government and the private sector.
    • Symantec participated throughout the development of the framework
  • 15. WHY NIST CSF?
    • DESCRIBE – Current state; Target state
    • IDENTIFY – Priorities; Processes
    • ASSESS – Progress towards target state
    • COMMUNICATE – Internally and externally
  • 16. FRAMEWORK COMPONENTS
    • Framework Core – Set of activities, desired outcomes, and applicable references common across critical infrastructure sectors
    • Framework Profile – Alignment of standards, guidelines, and practices to the Framework Core in a particular implementation scenario
    • Framework Implementation Tiers – Provides context on how an organization views cybersecurity risk and the processes in place to manage that risk
  • 17. FRAMEWORK CORE
    • Functions – High-level cybersecurity goals (Identify, Protect, Detect, Respond, Recover)
    • Categories – Subdivision of Functions into groups of cybersecurity outcomes
    • Subcategories – Further subdivide Categories into specific outcomes
    • Informative References – Existing controls used to implement a Subcategory
  • 18. FUNCTIONS (Core)
    • ID – Identify: What assets need protection?
    • PR – Protect: What safeguards are available?
    • DE – Detect: What techniques can identify incidents?
    • RS – Respond: What techniques can contain impacts of incidents?
    • RC – Recover: What techniques can restore capabilities?
  • 19. INFORMATIVE REFERENCES (Core)
    Function: Recover (RC)
    Category: Recovery Planning (RC.RP)
    Subcategory: RC.RP-1: Recovery plan is executed during or after an event
    Informative References:
      • CCS CSC 8
      • COBIT 5 DSS02.05, DSS03.04
      • ISO/IEC 27001:2013 A.16.1.5
      • NIST SP 800-53 Rev. 4 CP-10, IR-4, IR-8
  • 20. FRAMEWORK PROFILE
    Where are we? Where do we want to be? Where are my Gaps?
    • ALIGNMENT of Functions, Categories, & Subcategories w/ business requirements, risk tolerance, & organizational resources
    • ENABLES organization to establish a roadmap for reducing risk that is well aligned w/ organization goals, regulations, industry best practices, & risk priorities
    • MULTIPLE profiles within an organization, aligned with particular components, are possible
  • 21. FRAMEWORK TIERS
    • Tier 1 – Partial: The organization has not yet implemented a formal, threat-aware risk management process to determine a prioritized list of cybersecurity activities
    • Tier 2 – Risk Informed: The organization uses a formal, threat-aware risk management process to develop a Profile of the Framework
    • Tier 3 – Repeatable: The organization updates its Profile based on regular application of its risk management process to respond to a changing cybersecurity landscape
    • Tier 4 – Adaptive: The organization updates its Profile based on predictive indicators derived from previous & anticipated cybersecurity activities
    Tier Selection Process:
    • CONSIDER organization’s current risk management practices, threat environment, legal and regulatory requirements, business/mission objectives, and organizational constraints
    • DETERMINE desired Tier based on meeting goals, feasibility to implement, and reduction of risk to acceptable levels
    • LEVERAGE external guidance to help with tier selection
  • 22. FRAMEWORK CYCLE
    • Step 1: Prioritize and Scope – Identify business/mission objectives and high-level organizational priorities
    • Step 2: Orient – Identify related systems, regulatory requirements, and overall risk approach
    • Step 3: Create a Current Profile – Identify which Category and Subcategory outcomes from the Framework Core are currently being achieved
    • Step 4: Conduct a Risk Assessment – Incorporate emerging risks and threat/vulnerability data to determine likelihood and impact of a cybersecurity event
    • Step 5: Create a Target Profile – Create a target profile describing the organization’s desired cybersecurity outcomes
    • Step 6: Determine, Analyze, and Prioritize Gaps – Compare the current profile and target profile to determine gaps
    • Step 7: Implement Action Plan – Organization determines which standards, guidelines and practices work best for its environment
  • 24. NIST Cyber Security Framework – Core Functions
    • IDENTIFY – What assets need protection? Asset Management; Business Environment; Governance; Risk Assessment; Risk Mgmt. Strategy; Supply Chain Risk Mgmt. (new under CSF 1.1, draft)
    • PROTECT – What safeguards are available? Access Control; Awareness & Training; Data Security; Info Protection & Procedures; Maintenance; Protective Technology
    • DETECT – What techniques can identify incidents? Anomalies & Events; Security Continuous Monitoring; Detection Processes
    • RESPOND – What techniques can contain impacts? Response Planning; Communications; Analysis; Mitigation; Improvements
    • RECOVER – What techniques can restore capabilities? Recovery Planning; Improvements; Communications
  • 25. Framework Core – Recover
    Function: Recover (RC) | Category: Recovery Planning (RC.RP)
    • RC.RP-1 Recovery plan is executed during or after an event
  • 26. Framework Core – Recover
    Function: Recover (RC) | Category: Improvements (RC.IM)
    • RC.IM-1 Recovery plans incorporate lessons learned
    • RC.IM-2 Recovery strategies are updated
  • 27. Framework Core – Recover
    Function: Recover (RC) | Category: Communications (RC.CO)
    • RC.CO-1 Public relations are managed
    • RC.CO-2 Reputation after an event is repaired
    • RC.CO-3 Recovery activities are communicated to internal stakeholders and executive and management teams
  • 29. Data Breach Cost and Root Cause
    Source: 2017 Cost of Data Breach Study – United States, Ponemon Institute, June 2017
  • 30. Symantec Alignment to CSF “Recover” Function
    • Recovery Planning – Control Compliance Suite (CCS), Cyber Security Services (CSS), Incident Response (IR)
    • Improvements – CCS, CSS, IR
    • Communications – CSS, IR
  • 31. NIST CSF Applicable Security Technologies (Product – Short Description – NIST CSF “Recover”)
    • Control Compliance Suite (CCS) – Automates IT Governance, Compliance and Risk Management. Enables continuous risk assessment and a unified view of security controls and vulnerabilities. – Define and manage detection processes, roles & responsibilities. Identify and prioritize vulnerabilities.
    • Cyber Security Services (CSS) – Threat intelligence, security monitoring, skills development, and incident response. – Minimize detection and response times, become proactive about emerging threats, and respond effectively to incidents.
    • Incident Response (IR) – Remote and on-site investigation, analyze root cause and impact of a security incident, return to operations. – Support executive management and communications. Perform forensic procedures to collect, preserve, and analyze evidence; determine cause, timeline, and impact.
  • 32. NIST Cybersecurity Framework – Symantec Alignment (** = new under CSF v1.1)
    Identify:
      • Asset Management – CCS, EPM, DLP, CASB
      • Business Environment – CCS, (EPM)
      • Governance – CCS, (VIP)
      • Risk Assessment – CCS, EPM, ATP, CSS, IR
      • Risk Mgmt. Strategy – CCS, DeepSight
      • Supply Chain Risk Mgmt. ** – CCS, (EPM), CSS, IR
    Protect:
      • ID Mgmt. & Access Ctrl. – VIP, SEP, ATP, CASB
      • Awareness & Training – CCS, CSS (skills & awareness)
      • Data Security – VIP, DLP, Encr., SEP, ATP, Proxy, CASB
      • Information Protection P&P – CCS, EPM, CSS, IR
      • Maintenance – EPM, VIP, SEP, CASB
      • Protective Technology – VIP, DLP, SEP, ATP, Proxy
    Detect:
      • Anomalies & Events – ATP, CSS, Email/Web, Proxy, CASB
      • Security Monitoring – VIP, SEP, ATP, Email/Web, Proxy, CASB, CCS
      • Detection Process – CCS, ATP, CSS, Sec. Analytics
    Respond:
      • Response Planning – CCS, CSS, IR
      • Communications – CCS, CSS, IR
      • Analysis – CSS, IR
      • Mitigation – SEP, ATP, Proxy, IR
      • Improvements – EPM, DLP, SEP, ATP, CSS, IR
    Recover:
      • Recovery Planning – CCS, CSS, IR
      • Improvements – CCS, CSS, IR
      • Communications – CCS
  • 33. NIST Cybersecurity Framework – Symantec Alignment: Acronyms
    • ATP – Advanced Threat Protection
    • CASB – Cloud Access Security Broker
    • CCS – Control Compliance Suite
    • CSS – Cyber Security Services
    • DeepSight – Threat Intelligence
    • DLP – Data Loss Prevention
    • Email/Web – Email/Web Security
    • Encr. – Symantec Encryption Solutions
    • EPM – Endpoint Management (Altiris)
    • IR – Incident Response
    • MSS – Managed Security Services
    • Proxy – Proxy SG Gateway
    • Sec. Analytics – Security Analytics
    • SEP – Symantec Endpoint Protection
    • VIP – Validation & ID Protection
  • 35. Why is Healthcare so bad at IT Risk Management? Common Challenges:
    • Lack of understanding at the senior management and board-level
      • Not recognizing their responsibility: define governance, risk tolerance, budget, staffing
      • Not speaking the same language: IT explains risks in terms of technology, not in business terms
    • Growing interconnection between technology and business risks
      • How long can you operate without your EHR, PACS … or email?
    • There is increasing pressure to disclose technology risk
      • Federal and State
    • Lack of visibility into key business relationships with third parties
      • Business Associates post-Omnibus
      • Supply chain
  • 36. Is there a standing security report presented at each board meeting? (N = 100)
    [Chart: Yes 34.0%; No 47.0%; Don't Know 19.0%]
    1/3 of responding organizations have security reports at each board meeting.
    Only 10% reported security presentations at each board meeting in 2015* (*question was asked differently in 2015 and 2016)
    Source: “Operationalizing Cybersecurity in Healthcare – 2017 Security & Risk Management Study”; HIMSS Analytics, Symantec
  • 37. NIST CSF and HIPAA – HIPAA Security Rule Crosswalk to NIST Cybersecurity Framework
    The CSF “Recover” Function is aligned with the following HIPAA areas:
    • Security incident response and reporting
    • Contingency planning and operations
    • Periodic evaluation
    • Disaster recovery planning
    HIPAA mapping as provided by the Department of Health and Human Services: https://www.hhs.gov/sites/default/files/nist-csf-to-hipaa-security-rule-crosswalk-02-22-2016-final.pdf
  • 38. Core Informative References (example) – for detailed standards and compliance mapping see NIST CSF
    Function: Recover (RC)
    Category: Recovery Planning (RC.RP)
    Subcategory: RC.RP-1: Recovery plan is executed during or after an event
    Informative References:
      • CCS CSC 8
      • COBIT 5 DSS02.05, DSS03.04
      • ISO/IEC 27001:2013 A.16.1.5
      • NIST SP 800-53 Rev. 4 CP-10, IR-4, IR-8
      • HIPAA Security Rule 45 C.F.R. §§ 164.308(a)(7), 164.310(a)(2)(i)
  • 40. Using NIST CSF to Make Compliance and Security Work
    • Define current state, gaps, and goals
    • Implement action plan, based on priorities
    • Define process, make it reliable and reproducible
    • Meet multiple security and compliance objectives
    • Meet needs of all stakeholders
    • Test, practice, and improve
    • Make complexity manageable
    • Measure and communicate

Editor's Notes

  1. Per capita cost is defined as the total cost of data breach divided by the size of the data breach in terms of the number of lost or stolen records.
  2. Let me share some of the thoughts: A lack of understanding at the senior management and board-level. Discussions at these levels are still missing the target because they are not conducted in a business context. They focus on just the technological risk like a virus, breach or attack—but not on what happens to care if there is a virus outbreak on the network, or what do you do about billing if you’ve had a breach. In their 2013 Global Risk Management Survey, Gartner found that most companies surveyed (not just healthcare) are not communicating risk management data effectively to their board. And that’s dangerous, because of the growing interconnection between technology and business risks. No one can argue that we are entering a “digital economy” . . . although healthcare is lagging sectors like retail and the airlines. And since what we do is take care of people, that interconnection is more critical than in any other business. If you enter the wrong order at the corner restaurant someone gets the wrong lunch. Do that in a pharmacy and someone may never eat lunch again. And I promise not even to discuss medical devices here . . . There is increasing pressure to disclose technology risk. Market and industry regulators (from the HHS Wall of Shame to Joint Commission to the FDA and initiatives in almost every state) now instruct the public about what providers are doing with patient information and how they do it and how well they do it. Transparency is a wonderful thing until it is your ugly stuff that’s on display. Lack of visibility into key business relationships with third parties. And then there are those pesky Business Associates and sub-contractors. The number of Business Associates (and their Business Associates and subs), and technological exchanges of information (HIEs, ACOs, registries), has skyrocketed, which has increased the level of IT risk exponentially.
     With potentially 4 – 5 million Business Associates out there, it is much easier to not know what is going on and think the BAA or the Government will take care of it. Now, these are kind of the big-ticket items. In fact, they aren’t even unique to healthcare. But healthcare unfortunately has a history of lagging technology and siloed approaches to business (or what we sometimes call care) - - both anathema to good enterprise risk management. Lack of understanding at the highest levels is bad enough, but we have a more serious lack of understanding among the experts who perform the risk assessments. Risk assumes there is an asset - - something to protect. But we are still thinking of assets as “things”: devices, rooms, and pieces of paper. We don’t think of all those magnetic bits and bytes that we have carefully laid down on spinning disks or tape or jump drives or sent through wires or sometimes just the air - - no wires.
  3. Total of 147 responses. Over one-third of participants are CIOs. Just over half (56.6%) of respondents have an IT leadership position (CIO, Director of IT and VP of IT) while 16.5% have a security leadership position (CISO, IT security officer and CSO). The "Other" category is made up of IT manager, analyst and other director positions (directors and managers of other departments/areas).