se securit ity risk an anal alyses done right
play

Se Securit ity Risk An Anal alyses Done Right A Complimentary - PowerPoint PPT Presentation

Nov 14, 2023 •37 likes •267 views

Se Securit ity Risk An Anal alyses Done Right A Complimentary Webinar From healthsystemCIO.com Sponsored by Fortified Health Solutions, A Santa Rosa Company Your Line Will Be Silent Until Our Event Begins at 12:00 ET Thank You! Slide

  1. “ Se Securit ity Risk An Anal alyses Done Right ” A Complimentary Webinar From healthsystemCIO.com Sponsored by Fortified Health Solutions, A Santa Rosa Company Your Line Will Be Silent Until Our Event Begins at 12:00 ET Thank You! Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  2. Housekeeping • Moderator – Anthony Guerra, editor-in-chief, healthsystemCIO.com • Ask A Question • We will be holding a Q&A session after the formal presentations. • You may submit your questions at any time by clicking on the QA panel located in the lower right corner of your screen, type in your questions in the text field and hit send. Please keep the send to default as “All Panelists.” • Download the Deck • Go to Download today's deck at: http://healthsystemcio.com/presentation/risk- analyses-webinar.pdf • Shortened URL at bottom of all slides • View the Archive • You will receive an email when our archive recording is ready. • Separate registration is required. Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  3. Agenda — Approximately 45 Minutes • 25-30 minutes: Chuck Podesta, CIO, UC Irvine Health • 5 minutes: A Word From Our Sponsor: Troy McClendon, President, Fortified Health Solutions, A Santa Rosa Company • 10-15 minutes: Q&A w/Chuck Podesta Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  4. “Security Ri Risk Analyses Done Right” Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  5. Threats UNSAFE HACKERS WEBSITES SOCIAL PHISHING ENGINEERING WEAK DATA PASSWORDS LOSS INAPPROPRIATE BREACH OF ACCESS VIRUSES INFORMATION Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  6. It’s not just HIPAA • Health Information Technology for Economic and Clinical Health (HITECH) • Health Information Trust Alliance (HITRUST) • Payment Card Industry (PCI) • National Institute of Standards and Technology (NIST) • International Organization for Standardization (ISO) • Federal Trade Commission (FTC) • State Laws Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  7. HITRUST • Common Security Framework (CSF) • Risk Assessment • Corrective Action Plan • Policy Management • Incident Management • Exception Management Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  8. Risk Assessment Harmonization Goes Way Beyond Meaningful Use • Data Management • Network Segmentation • System Controls Current State • Technical Controls Planned • Encryption • Physical Controls Minimal • User Awareness Optimal • Audit and Monitoring • Risk Transfer Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  9. Data Management • Sensitive Data Map • Structured and Unstructured ePHI • Credit Card Data • Data Lifecycle • Retention Program • Access • Audit • Minimal Necessary Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  10. Network Segmentation • LAN & WAN Segmentation • Important for PCI Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  11. System Controls • Computers • Desktops, Laptops, Servers • Mobile Devices • PDA/Tablets, USB/Flash, Phones/PDA • Removable Media • Backup Tapes and CDs • Peripherals • Printers, Copiers/Fax, Scanners Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  12. Technical Controls • Network Access • System Authentication • IDS/IPS • Vulnerability Assessment • Data Management • Data Loss Prevention (DLP) • Configuration Management • Server, Desktop, Network • Log Manager • Log Manager • SIEM Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  13. Encryption • Data At Rest • Database and File Storage • Backup tapes and the Cloud • Workstations and Laptops • Data In Motion • Email and FTP • USB/Flash and CDs • Tablets • Interfaces • Texting Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  14. User Awareness • Policy Education • Device Placement, Access, Auditing • Logoff • Encryption • Process Education • Encryption • Threat Awareness • Create Awareness Program • Home Use Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  15. Audit and Monitoring • Solutions • Network Management and network access controls • Data Loss Prevention • Log Management • Application Event Management • Database Managers • Email Auditor • SIEM Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  16. Risk Transfer • Financial • Cyber Insurance • ASP Services • Cloud Services • Vendor Managed Systems • Third Parties • CoLocation • Outsourcing • SaaS • Cloud Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  17. Keys to a Successful Plan • C-Suite Buy-in • You Can’t Do It Alone • Organizational Awareness • Funding for Technical Investments • A Breach is not IF but WHEN • Monitor Your BA Readiness • Implement Corrective Action Plans • Hire a CISO Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  18. “Security Risk sk Analy lyse ses Done ne Right” Troy McClendon, President, Fortified Health Solutions, A Santa Rosa Company Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  19. What’s the biggest misstep for Covered Entities and Business Associates? • Failu Fa ilure to cond nduc uct a thor orou ough h Risk Ana naly lysis is • Fa Failu ilure to addr ddress the resul ults of a Com omprehe hens nsive ve Risk Analysis is HIPAA Security, Privacy & Breach Slide Deck: http://goo.gl/BZkqHF Compliance - What Health Executives Webex Support 1-866-229-3239 19 Need to Know Event #299 749 291 Proprietary & Confidential

  20. Wha hat t to to do do with th Risk Ana Analys ysis Result esults Extract the Extract the Physical Extract the Administrative Risk(s) Technical Risk(s) Risk(s) • Prioritize the risk(s) if not already sorted in the report • Determine the effort it will take to remediate the risk(s) • Identify the staff members to participate in remediation efforts • Identify any outside resources to participate in remediation efforts Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 20 Event #299 749 291

  21. What you’ll most likely need to prepare for… • The organization may not have adequate resources to complete the required remediation • The organization may not have the in-house skillset(s) to complete the required remediation • Remediation may require the organization to implement new policies & processes • Could equate to additional staff training, capital investment, governance, differences of opinion, stricter employee sanctions • Remediation may require the organization to implement new technologies • Could equate to increased budget(s), capital investment, skills training, outsourcing • Remediation will require the organization to implement on-going security processes Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 21 Event #299 749 291

  22. Q&A Click on the Q&A panel located in the lower right corner of your screen, type in your questions in the text field and hit send. Please keep the send to default as “All Panelists.” Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

  23. Thank You! • Thanks to our featured speaker: Chuck Podesta • Thanks to our sponsor: Fortified Health Solutions, a Santa Rosa Company • You will receive an email when our archive recording is ready. (Separate registration is required) • CHIME CHCIO Credits – Attending our Webinars = 1 CEU • Questions/Comments – Anthony Guerra aguerra@healthsystemCIO.com Go to www.healthsystemCIO.com/webinars to view our upcoming schedule and see the last 12 months of archived events. Slide Deck: http://goo.gl/BZkqHF Webex Support 1-866-229-3239 Event #299 749 291

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ON ON AIR AIR QU QUALI ALITY TY AN ANAL ALYSES SES Results and limitations from the

ON ON AIR AIR QU QUALI ALITY TY AN ANAL ALYSES SES Results and limitations from the

THE THE IMP IMPACT OF SENTINEL CT OF SENTINEL 4 AN 4 AND D 5P 5P OB OBSE SERVATIONS TIONS OF NO OF NO 2 ON ON AIR AIR QU QUALI ALITY TY AN ANAL ALYSES SES Results and limitations from the ISOTROP study A. Segers, R. Timmermans,

388 views • 19 slides
Triaging Suspicious Artifacts Securit y Risk Advisors, Inc. Proprietary and Client Confidential

Triaging Suspicious Artifacts Securit y Risk Advisors, Inc. Proprietary and Client Confidential

Triaging Suspicious Artifacts Securit y Risk Advisors, Inc. Proprietary and Client Confidential About Us Jonas, GREM Security Risk Advisors (sra.io) Service lines: DFIR, CTA, A&E Clay (ttheveii0x), GREM Security Risk Advisors (sra.io)

723 views • 25 slides
Analysis of 802.11 Securit y or Wired Equivalent Privacy I snt Nikit a Borisov, I an

Analysis of 802.11 Securit y or Wired Equivalent Privacy I snt Nikit a Borisov, I an

Analysis of 802.11 Securit y or Wired Equivalent Privacy I snt Nikit a Borisov, I an Goldberg, and David Wagner WEP Prot ocol Wired Equivalent Privacy Part of t he 802.11 Link-layer securit y prot ocol Securit y Goals

608 views • 25 slides
HyperG Solution Introduction Agenda HyperG yo your best Securit ity & Smart Solutio

HyperG Solution Introduction Agenda HyperG yo your best Securit ity & Smart Solutio

HyperG Solution Introduction Agenda HyperG yo your best Securit ity & Smart Solutio ion Cho hoic ice 3S Cyber Security Solution S S Securit ity app app S S Securit ity smart Off ffic ice S S

674 views • 34 slides
F u ndamental Val u ation : Anal yz ing Projections E QU ITY VAL U ATION IN R Cli Ang

F u ndamental Val u ation : Anal yz ing Projections E QU ITY VAL U ATION IN R Cli Ang

F u ndamental Val u ation : Anal yz ing Projections E QU ITY VAL U ATION IN R Cli Ang Senior Vice President , Compass Le x econ Anal yz ing Projections Projections are critical inp u t in disco u nted cash o w anal y sis Garbage - In

261 views • 14 slides
COVER AMANGO IN- DE PT H ANAL YSIS RE PORT Pre se nte d b y: Cindy T andiani, F e lic ia

COVER AMANGO IN- DE PT H ANAL YSIS RE PORT Pre se nte d b y: Cindy T andiani, F e lic ia

COVER AMANGO IN- DE PT H ANAL YSIS RE PORT Pre se nte d b y: Cindy T andiani, F e lic ia Nasse ri, Mic hae l Musto po , Vinso n Budiman itization ior Issue s Pr uc tion and ganization ate Risk Pro file : At the limit s of Value por

621 views • 33 slides
I mport ance of Net work Securit y? Think about The most pr ivat e, embar r assing

I mport ance of Net work Securit y? Think about The most pr ivat e, embar r assing

I mport ance of Net work Securit y? Think about The most pr ivat e, embar r assing or valuable 15: piece of inf or mat ion youve ever st or ed on a comput er Net work Securit y Basics How much you r ely on comput er

566 views • 7 slides
P rot ect ion Prot ect ing processes/ users f rom each 17: P rot ect ion/ Securit y ot her

P rot ect ion Prot ect ing processes/ users f rom each 17: P rot ect ion/ Securit y ot her

P rot ect ion Prot ect ing processes/ users f rom each 17: P rot ect ion/ Securit y ot her is one of t he core OS responsibilit ies Cont rol access of processes or users t o resources of t he comput er syst em (HW Last Modif ied:

384 views • 11 slides
Se Securit ity fr from om Pap aper to o Tak ake-Of Off Ma Mana nagement T Team Tony

Se Securit ity fr from om Pap aper to o Tak ake-Of Off Ma Mana nagement T Team Tony

Se Securit ity fr from om Pap aper to o Tak ake-Of Off Ma Mana nagement T Team Tony Gallo Managing Partner More than 30 years experience in the Security, Audit, Safety, and Emergency Management fields in which he specializes in

588 views • 19 slides
H OW I MPORTANT IS THE E XPANSION OF THE P ANAMA C ANAL TO THE P ORT OF N EW O RLEANS Bruce

H OW I MPORTANT IS THE E XPANSION OF THE P ANAMA C ANAL TO THE P ORT OF N EW O RLEANS Bruce

H OW I MPORTANT IS THE E XPANSION OF THE P ANAMA C ANAL TO THE P ORT OF N EW O RLEANS Bruce Lambert Executive Director, ITTS W ARNING P ANAMA C ANAL E XPANSION Is it needed? Does Louisiana Benefit from the Canal now? Does it

400 views • 36 slides
High r risk o occupations: w what i is t the question t to a ask a and c challenges w

High r risk o occupations: w what i is t the question t to a ask a and c challenges w

High r risk o occupations: w what i is t the question t to a ask a and c challenges w with d data an anal alysis. Ke Kevin Lyons Wes Lematta Professor in Forest Engineering Office: Snell 311 Phone: 541-737-5630 Email:

745 views • 17 slides
Shado w price sensiti v it y anal y sis SU P P LY C H AIN AN ALYTIC S IN P YTH ON Aaren St u

Shado w price sensiti v it y anal y sis SU P P LY C H AIN AN ALYTIC S IN P YTH ON Aaren St u

Shado w price sensiti v it y anal y sis SU P P LY C H AIN AN ALYTIC S IN P YTH ON Aaren St u bber eld S u ppl y Chain Anal y tics Mgr . Define shado w price Modeling in iss u es : Inp u t for model constraints are o en estimates Will

744 views • 51 slides
Introd u ction to E x plorator y Data Anal y sis STATISTIC AL TH IN K IN G IN P YTH ON ( PAR T 1

Introd u ction to E x plorator y Data Anal y sis STATISTIC AL TH IN K IN G IN P YTH ON ( PAR T 1

Introd u ction to E x plorator y Data Anal y sis STATISTIC AL TH IN K IN G IN P YTH ON ( PAR T 1 ) J u stin Bois Lect u rer at the California Instit u te of Technolog y E x plorator y data anal y sis The process of organi z ing , plo ing ,

734 views • 45 slides
E x plorator y data anal y sis P R E D IC TIN G C TR W ITH MAC H IN E L E AR N IN G IN P YTH

E x plorator y data anal y sis P R E D IC TIN G C TR W ITH MAC H IN E L E AR N IN G IN P YTH

E x plorator y data anal y sis P R E D IC TIN G C TR W ITH MAC H IN E L E AR N IN G IN P YTH ON Ke v in H u o Instr u ctor A closer look at feat u res int : an integer : 1 , 2 , etc . print(df.columns) float : decimals : 3.02 , 4.56 , etc .

189 views • 18 slides
So Social cial Securit Security ys F Financing and inancing and (E (Exist xisting

So Social cial Securit Security ys F Financing and inancing and (E (Exist xisting

So Social cial Securit Security ys F Financing and inancing and (E (Exist xisting & ing & Evolv lving ing) Po ) Policy licy Op Optio ions ns Abigail Zapote Executive Director Our mission includes protecting Social

138 views • 13 slides
AN I NT RODUCT I ON T O L AT E NT CL ASS ANAL YSI S F OR PRE VE NT I ON RE SE

AN I NT RODUCT I ON T O L AT E NT CL ASS ANAL YSI S F OR PRE VE NT I ON RE SE

AN I NT RODUCT I ON T O L AT E NT CL ASS ANAL YSI S F OR PRE VE NT I ON RE SE ARCH Be tha ny C. Bra y, Ph.D. T he Me tho do lo g y Ce nte r, Pe nn Sta te me tho do lo g y.psu.e du OVE RVI E W Co nc e ptua l intro

384 views • 16 slides
State At-Risk Training Presentation Alabama Department of Education Prevention and Support

State At-Risk Training Presentation Alabama Department of Education Prevention and Support

State At-Risk Training Presentation Alabama Department of Education Prevention and Support Services Section Telephone: (334) 242-8165 Fax: (334) 242-5962 State At-Risk Training Presentation Agenda State At-Risk (At-Risk) Overview

247 views • 13 slides
Making Decisions and Risk Presentation Guide Introduction This session has been developed for

Making Decisions and Risk Presentation Guide Introduction This session has been developed for

Making Decisions and Risk Presentation Guide Introduction This session has been developed for Key Stage 4-5 pupils, predominately for those who are in the process of considering life beyond school. It can also be used to support Sixth Form

74 views • 6 slides
Enterprise Risk Management Seminar Presenters Marcus Harwood Christine DiMenna Partner

Enterprise Risk Management Seminar Presenters Marcus Harwood Christine DiMenna Partner

Enterprise Risk Management Seminar Presenters Marcus Harwood Christine DiMenna Partner Principal blumshapiro blumshapiro cdimenna@blumshapiro.com mharwood@blumshapiro.com 860.570.6439 860.570.6474 2 Agenda Discuss recent ERM trends

553 views • 21 slides
Massachusetts Basic Hunter Education Objectives Basic Hunter Education Course Instructors

Massachusetts Basic Hunter Education Objectives Basic Hunter Education Course Instructors

Massachusetts Basic Hunter Education Objectives Basic Hunter Education Course Instructors Name Background/Profession Hunting/Shooting Interest Housekeeping Parking Rest Rooms Breaks Firearms Phones Agenda The Dates and Times

339 views • 30 slides
Toward a Risk Management Framework for the DNS April 2013 Beijing ! 1 Who we are VAUGHAN

Toward a Risk Management Framework for the DNS April 2013 Beijing ! 1 Who we are VAUGHAN

Toward a Risk Management Framework for the DNS April 2013 Beijing ! 1 Who we are VAUGHAN RENNER RICHARD WESTLAKE COLIN JACKSON 2 A risk management framework is not a risk or threat assessment but what you put the assessment into that

473 views • 22 slides
Introduction to Risk Management 1 INTRODUCTION TO RISK MANAGEMENT Learning Objectives 1. What

Introduction to Risk Management 1 INTRODUCTION TO RISK MANAGEMENT Learning Objectives 1. What

INTRODUCTION TO RISK MANAGEMENT Introduction to Risk Management 1 INTRODUCTION TO RISK MANAGEMENT Learning Objectives 1. What is risk? 2. Why is risk important? 3. What is risk management? 4. Who does what? 5. Keys to success 2

787 views • 27 slides
Risk Management Program Overview Finance and Audit Committee 3/19/2020 Purpose of Presentation

Risk Management Program Overview Finance and Audit Committee 3/19/2020 Purpose of Presentation

Risk Management Program Overview Finance and Audit Committee 3/19/2020 Purpose of Presentation No action is required from the Committee Presentation will provide: Overview of the Insurance Program Discussion of Insurance Premium

291 views • 10 slides
NCCASAS E ngaging Me n and Boys Rite s of Passage pr ogr am (E MROPP) A Se xual Viole

NCCASAS E ngaging Me n and Boys Rite s of Passage pr ogr am (E MROPP) A Se xual Viole

NCCASAS E ngaging Me n and Boys Rite s of Passage pr ogr am (E MROPP) A Se xual Viole nc e Pr e ve ntion Pr ogr am Dr . T e r e nc e K. L e athe r s Re v. Alpha David Ar ne tt Purpo se o f E MROPP T o e mpowe r boys

620 views • 25 slides

More recommend