A CHIME Leadership Education and Development Forum in collaboration with iHT2

Creating an Effective Cyber Security Strategy

________

Key Attributes for Success, Challenges and Critical Success Factors

● Tony Evans, Chief Information Officer, Enloe Medical Center ●

#LEAD15

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Raise Awareness

• At all levels of the organization, not just C-Suite

• We are not alone – High level state of data security nationwide

• Create a dynamic data security roadmap

– 6 months, year 1, year 2 (with estimated costs)

• Data security includes physical security

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Tell a Scary Story

• Baseline your organization against others in your industry leveraging graphs and charts

• Use examples that are close to home

• Short presentation at as many department and key stakeholders meetings as possible

• Real impact that resonates with the intended audience

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Create a Cyber Security Scorecard

• Know your target audience

• Use categories that relate to how your audience sees the world, not IT.

• Examples of Categories: Work environment, Employee Education/Security Awareness, Data Protection, Disaster Recovery

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Create a Cyber Security Scorecard (cont.)

• Create a Risk Key

• Create a Score Key

– A, B, C, D

• Present overall score against industry

• Measurable activity – Communicate often

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Cyber Security Scorecard Example

A CHIME Leadership Education and Development Forum in collaboration with iHT2

You May Feel Like You Are Alone

• Have an incident management strategy

• Set expectation of a continuing effort with no end date

• Balance transparency with risk of exposing security vulnerabilities

May require a special funding track

• Number one asset is our reputation

– Must invest in Data Security for the long-term

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Data Security, Value and Efficiency

• Data security doesn’t always have to be restrictive and a productivity drain

• Look for ways to improve the organization while enhancing data security

– Secure Texting

– Disaster Recovery Planning

– User Access Control

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Creating an Effective Cyber Security Strategy

________ Key Attributes for Success, Challenges and Critical Success

Factors

● Josh Kohrumel, Director, PMO, Rady Children’s Hospital San Diego ● ● Blaine Hebert, Information Security Officer, Rady Children’s Hospital San Diego ●

Resource Alignment Financial Alignment

Organizational Alignment

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Resource Alignment

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Portfolio Management

Office

Clinical Systems

Business Systems

Infrastructure Bio

Med HIM

Project Services

InfoSec Emerging

Tech Testing Mgmt

Enterprise Architecture

Financial Mgmt (IM)

Resource Alignment

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Financial Alignment

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Financial Alignment

A CHIME Leadership Education and Development Forum in collaboration with iHT2

Organizational Alignment

A CHIME Leadership Education and Development Forum in collaboration with iHT2