Nov/Dec 2021, Vol. 3, No. 6

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

CYBER CORNER

risk transference to the insur- ance company, rather than deal with the fundamental problems of the lack of or inadequate security to pro- tect against the ransomware attack.

What can someone specifi cally in a CISO role do to improve leadership’s understanding?

What we need is CISOs that understand the business and can transfer and relate cybersecurity risks to enter- prise business risks and to represent those to the board directors that are the ultimate arbiter of risk. Do you accept a risk? Do you mitigate a risk? Do you transfer a risk? Do you ignore the risk? And I think there’s been far too

CEOs tend to be more short term now than they ever were before. They’re there for three, four, fi ve years, and then they’re out. They take their bonuses with them, and they’re gone scot-free on to their next role in another hospital. There’s this mentality that it won’t hap- pen on my watch. A year ago, I heard CEOs say, ransomware is kind of worry- ing, but it probably won’t happen on my watch. I’m a small hospital system. No one’s going to come after me. They plainly don’t understand that ransomware is a

broadcast attack, and it is phishing, spam, whatever that is sent out, and they’re just waiting for a user to click on it, click on a link, and then they’ve got you. Maybe we need to change liability. Make CEOs personally liable for more of what goes on in their hospital networks. That won’t be popular at all with hospital CEOs, but they’ve got directors’ insurance now, which basically absolves them from any wrongdoing whatsoever. We’ve also seen a growth in insurance that many are using as a form of risk mitigation and

much ignoring risks that have taken place to say it’s not signifi cant. We don’t trust what our security team is telling us. We don’t trust what our external auditors are telling us. We’ll take a risk. We’ll deal with this next year because we don’t have the budget this year to deal with it. And often they’re caught with their pants down around their ankles. They get hit by ransomware. Their bet didn’t pay off and they get caught. HI

ADVERTISERS

WEBSITE

PAGE

ALLM, Inc. ..................................................................www.allm.us .................................................................................................... 7 Coverys .......................................................................www.coverys.com ........................................................................................BC Health ITq ...................................................................www.healthITq.com ...................................................................................... 17 LexisNexis .................................................................www.risk.lexisnexis.com/healthcare ......................................................... 3 Neurfl ow.....................................................................www.neurofl ow.com ....................................................................................... 5 Orion Health...............................................................www.orionhealth.com/us .............................................................................. 9 Pure Storage ..............................................................www.purestorage.com ................................................................................. 11 SDLC Partners ...........................................................www.sdlcpartners.com ................................................................................ 19 Spectrum Enterprises ..............................................www.enterprise.spectrum.com/telehealth .............................................IFC Wellframe ..................................................................www.wellframe.com .................................................................................... 15

NOVEMBER/DECEMBER 2021 | hcinnovationgroup.com 29

Photo 87152370 © Jakub Jirsák | Dreamstime.com

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32