Cover image of Code Red: HIMSS' Cybersecurity Podcast
(3)
Health
Technology

Code Red: HIMSS' Cybersecurity Podcast

Updated 8 months ago

Health
Technology
Read more

Welcome to HIMSS’s new health IT cybersecurity podcast, Code Red. Code Red focuses on cybersecurity challenges facing health care today & tomorrow, featuring the voices of the people on the front lines. The goal of the podcast is to explore the interplay between the people, processes & technologies that make up an organization’s cybersecurity posture from both a leadership & skills-based perspective.

Read more

Welcome to HIMSS’s new health IT cybersecurity podcast, Code Red. Code Red focuses on cybersecurity challenges facing health care today & tomorrow, featuring the voices of the people on the front lines. The goal of the podcast is to explore the interplay between the people, processes & technologies that make up an organization’s cybersecurity posture from both a leadership & skills-based perspective.

iTunes Ratings

3 Ratings
Average Ratings
2
0
0
0
1

iTunes Ratings

3 Ratings
Average Ratings
2
0
0
0
1
Cover image of Code Red: HIMSS' Cybersecurity Podcast

Code Red: HIMSS' Cybersecurity Podcast

Updated 8 months ago

Read more

Welcome to HIMSS’s new health IT cybersecurity podcast, Code Red. Code Red focuses on cybersecurity challenges facing health care today & tomorrow, featuring the voices of the people on the front lines. The goal of the podcast is to explore the interplay between the people, processes & technologies that make up an organization’s cybersecurity posture from both a leadership & skills-based perspective.

Rank #1: Episode #12: How Cybersecurity Frameworks Can Help Protect Providers and Patients

Podcast cover
Read more

Cybersecurity can be a complex topic, and that complexity seems to increase with each new vulnerability or threat identified.  How do you keep track of everything you’re supposed to do in order to protect your data, your organization, your patients?  Where do you start?  There are tools to help keep track and stay organized, and in this episode of Code Red, we’re going to talk about just one of those tools, the NIST Cybersecurity framework.   Frameworks provide user guidance to help your organization enhance its ability to, in the language of the NIST Cybersecurity Framework:IdentifyProtectDetectRespond andRecoverafter a cybersecurity incident.  In this episode, we speak with Matthew Barrett, Program Manager, Cybersecurity Framework at the National Institute of Standards and Technology, on the ways healthcare organizations can leverage the NIST Cybersecurity Framework to help keep their health data safe.  This Episode’s GuestMatthew BarrettProgram Manager, Cybersecurity FrameworkNational Institute of Standards and TechnologyLearn more about Matthew

Dec 04 2017
20 mins
Play

Rank #2: Episode #9: Strengthening Your Organization's Cybersecurity Culture

Podcast cover
Read more

There’s a shortage of people qualified to work in cybersecurity, and we need to do something about that. But what is that “something?” Let’s be honest here, we’re not going to change that situation overnight. It takes years to acquire the kind of skills needed to pursue the education, experience and credentials required. But what can we do in the meantime? We’ve said it before on Code Red: we’re all involved in security, to one degree or another. What can we do to effectively raise awareness and change behavior?This episode’s guest offers some insights. While at our annual conference in Orlando, Code Red sat down to discuss these and other issues with Servio Medina, CISSP, Chief Operating Officer of the Cybersecurity Policy Branch at the US Defense Health Agency. Servio sees opportunities in changing the way we think about educating each other in this field, and discusses burnout, math, lifestyles and other topics, and how they relate to cyber-education. After listening to this episode, the phrase “It makes sense to me” will take on a whole new dimension. This Episode’s GuestServio Medina, CISSPCheif Operating Officer, Cybersecurity Policy BranchUS Defense Health AgencyLearn more about ServioFollow Servio on Twitter: @serviofmedinaLearn about the US Defense Health AgencyThis Episode’s Audience AskHow does your organization "make sense" of an enterprise-wide approach to cybersecurity?  How has your organizational culture around cybersecurity changed over the past few years?  Any lessons to share with others? Send us a voice memo from your smart phone with your thoughts. You can send them to codred@himss.org and we will play them on the air at the end of our next episode. 

May 01 2017
30 mins
Play

Rank #3: Episode #10: How to Survive a Hacker Attack

Podcast cover
Read more

Imagine you work at a hospital and you are responsible for the health and wellbeing of thousands of patients a year. That’s not such a stretch. Many of us listening to this podcast are in this situation. You are in charge of the information systems at the hospital and all the data is your responsibility, whether clinical or operational. And you’re responsible for maintaining the privacy and security of that data. Let’s add a little pressure: imagine your hospital is attacked by hacktivist group with a political agenda—and, it’s a children’s hospital. What would you do?Welcome to Code Red, HIMSS’ cybersecurity focused podcast. In this episode, we hear from Daniel Nigrin, MD, MS, Sr. Vice President and CIO at Boston Children’s Hospital. Dan shares his story of how Boston Children’s handled and survived an attack by the hacktivist group, Anonymous.    This Episode’s GuestDaniel Nigrin, MD, MSSr. Vice President/CIO Boston Children’s HospitalLearn more about DanielLearn about Boston Children's Hospital 

Jun 06 2017
25 mins
Play

Rank #4: Episode #7: Establishing Effective Cybersecurity Governance

Podcast cover
Read more

When it comes to cybersecurity, the enemy holds many advantages.  They run the timetable.  They establish the rules of engagement.  And in a culture that exults the bandit, the pirate, and the hacker, they find many fellow travelers in dark places, on the web and in the world.   But for every bandit there is a sheriff.  This age is no different.  Rather than wearing badges and walking dusty wooden sidewalks, today’s cybersecurity sheriffs wear suits and roam the network, looking for vulnerabilities to fix before they are exploited.  Rather than protecting the townsfolk with a steady hand and trusty Colt, today’s cybersecurity sheriffs wield effective governance plans and the leadership to convince their organization that lazy passwords and curious clicks are the keys to the loot that bandits are riding off into the sunset with today. Welcome HIMSS’s new health IT cybersecurity podcast, Code Red. Code Red focuses on cybersecurity challenges facing health care today & tomorrow, featuring the voices of the people on the front lines. The goal of the podcast is to explore the interplay between the people, processes & technologies that make up an organization’s cybersecurity posture from both a leadership & skills-based perspective.  In today’s episode, we will explore how to successfully design and implement effective cybersecurity governance with 2016 Chicago CISO of the Year, Todd Fitzgerald, Global Director Information Security for Grant Thornton International.  Time to hop on your horse and ride… This Episode’s GuestTodd FitzgeraldChief Information Security OfficerGrant Thornton International, Ltd.Learn more about ToddFollow Todd on Twitter: @SecurityFitzLearn more about Grant Thornton International, Ltd. This Episode’s PromosHIMSS17 is the meeting place for all things health IT. Experience over 300 education programs, more than 1,200 vendors, hundreds of special programs, and limitless networking opportunities. Collaborate with HIMSS and thousands of colleagues worldwide as you work to positively transform health and lives through IT.Register Today This Episode’s Audience AskWhat lessons has your orgnazation learned about an effective cybersecurity governance structure? Send us a voice memo from your smart phone with your thoughts. You can send them to codred@himss.org and we will play them on the air at the end of our next episode. 

Feb 16 2017
18 mins
Play

Rank #5: Episode #5: Why You Should Pay Someone To Break into Your House

Podcast cover
Read more

It’s amazing what a difference a moment can make.  By the time you’re done listening to this introduction, 160 new malware samples will be released.  By the time you’re done listening to this introduction, someone will have become the first victim of a spam-based malware attack. By the time you’re done listening to this episode, ten thousand Facebook accounts will be compromised.  27 thousand computers worldwide will be added to a botnet. The US Navy will be cyberattacked 45,000 times.  The NSA will be cyberattacked 5.2 Million times.  Since 2009, detected cybersecurity incidents have increased 66% year-over-year.  By the time you’re done listening to this episode, how many of your records have been attacked?  By the time you’re done listening to this episode, who, undetected, has gained access to your network?  Who has compromised your system? Do you know?  It’s amazing what a different a moment can make.  Scared yet? Don’t worry.  We won’t be offended.  Go ahead and pause the podcast to call your chief security officer.  Go ahead.  Go. Go now.Welcome HIMSS’s new health IT cybersecurity podcast, Code Red. Code Red focuses on cybersecurity challenges facing health care today & tomorrow, featuring the voices of the people on the front lines. The goal of the podcast is to explore the interplay between the people, processes & technologies that make up an organization’s cybersecurity posture from both a leadership & skills-based perspective.  In today’s episode, we will explore the speedy evolution of hacking techniques, their impact on the health care industry, and the role we all have in effective cybersecurity with Kevin Johnson, CEO of Secure Ideas and HIMSS16 Views from the Top speaker.  We will also hear about the launch of HIMSS’ new Cybersecurity hub at the HIMSS Innovation Center in Cleveland, Ohio.  This Episode’s GuestKevin JohnsonFounder & CEOSecure IdeasLearn more about KevinFollow Kevin on Twitter: @secureideas Learn more about Secure Ideas This Episode’s PromosThe HIMSS Privacy & Security Forum is the nation’s leading event dedicated exclusively to healthcare privacy and security. These premier two-day conferences are held around the country and bring together hundreds of senior executives for thought leadership focused on solving some of the industry’s toughest challenges.  The HIMSS Privacy & Security Forum is designed to meet the needs of CIOs, CISOs and other senior health IT leaders. The information shared at the forum is practical, solutions-based and actionable – designed to help with planning, coordination and oversight. Each event offers the opportunity to learn of industry developments, network with peers, and discuss key topical issues. Topics covered include: cloud security; cybersecurity; HIPAA; identity & access management; incident response; medical device security; vendor management; and more.  The next HIMSS Privacy & Security Forum is scheduled for December 5th to the 7th at the Westin Boston Waterfront in Boston, Massachusetts.  Find more information about the upcoming HIMSS Privacy & Security Forum. 

Nov 21 2016
25 mins
Play

Rank #6: Episode #6: The Financial Implications of Cybersecurity

Podcast cover
Read more

Let’s accept the fact that we want to feel secure in some way, whether it is secure in our jobs, our relationships, or our personal safety and wellbeing.  We want the best for our families, our business endeavors or, as in healthcare, for the other people for whom we have some degree of responsibility.  But how do you place a value on the effort we make to create a secure environment?   In this episode of Code Red, we talk with Fred Cox, Director of Information Security at Varian Medical Systems about the financial implications of cybersecurity, including direct and indirect costs of security, the idea of table stakes and behavior analytics, and at which point the concept of cybersecurity’s ROI can effectively be considered.   This Episode’s GuestFredrick Cox, CISSPDirector, Information SecurityVarian Medical SystemsLearn more about FredFollow Varian Medical Systems on Twitter: @VarianMedSysLearn more about Varian Medical Systems This Episode’s PromosHIMSS17 is the meeting place for all things health IT. Experience over 300 education programs, more than 1,200 vendors, hundreds of special programs, and limitless networking opportunities. Collaborate with HIMSS and thousands of colleagues worldwide as you work to positively transform health and lives through IT.Register Today 

Dec 12 2016
25 mins
Play

Rank #7: Episode #8: Finding Strength from Vulnerabilities in the Networked Age

Podcast cover
Read more

This Episode’s GuestGreg WolvertonChief Information OfficerARcareLearn more about GregFollow Greg on Twitter: @GregWolvertonLearn more about ARcareUniversity of Houston professor Brené Brown understands the strength that comes from embracing our vulnerabilities. “When we spend our lives”, Brown says, “waiting until we’re perfect or bulletproof before we walk into the arena, we ultimately sacrifice relationships and opportunities that may not be recoverable, we squander our precious time, and we turn our backs on our gifts, those unique contributions that only we can make. Perfect and bulletproof are seductive, but they don’t exist in the human experience.”In an age of ubiquitous cybersecurity threats, it takes a strong organization to embrace its vulnerabilities.  To understand that true strength comes from the willingness to examine and reexamine our weaknesses.  To lead by the need to learn about ourselves.  To lead by the need to share with others.  Welcome HIMSS’s new health IT cybersecurity podcast, Code Red. Code Red focuses on cybersecurity challenges facing health care today & tomorrow, featuring the voices of the people on the front lines. The goal of the podcast is to explore the interplay between the people, processes & technologies that make up an organization’s cybersecurity posture from both a leadership & skills-based perspective.  In today’s episode, we will discuss how ARcare, a Davies award recipient and EMRAM Stage 7 non-profit that provides medical and dental care to residents in rural Arkansas responded to a recent cybersecurity breach with Greg Wolverton, CIO of ARcare and Chair of the HIMSS User Experience committee.     This Episode’s PromosHIMSS17 is the meeting place for all things health IT. Experience over 300 education programs, more than 1,200 vendors, hundreds of special programs, and limitless networking opportunities. Collaborate with HIMSS and thousands of colleagues worldwide as you work to positively transform health and lives through IT.Register Today 

Feb 16 2017
18 mins
Play

Rank #8: Episode #4: Medical Device Security in the Age of the "Internet of Things"

Podcast cover
Read more

On March 12, 2008, the New York Times reported about a team of computer security researchers from Beth Israel Deaconess Medical Center and the Universities of Washington and Massachusetts that able to gain wireless access and reprogram a combination heart defibrillator and pacemaker to deliver potentially fatal jolts of electricity to a person with the device.   Since that zero day nine years ago, the health care industry has moved up to top of the list for cybersecurity attacks.  Since that zero day nine years ago, millions of pacemakers have been implanted worldwide.  Since that zero day nine years ago, the mobile device market has been forecasted to have 8-Billion-dollar market value by 2019.  So as we begin Cybersecurity Awareness Month, what should healthcare organizations do to protect patients and their connected medical devices from being compromised?  In this episode of Code Red, we discuss the impact that connected health will have on medical device security with HIMSS Privacy & Security Committee member Cathy Petrozinno, Principal, Cybersecurity Partnerships and Information Privacy at MITRE Corporation. This Episode’s GuestCatherine M. Petrozzino, CIPP/G/US/ITPrincipal, Cybersecurity Partnerships and Information PrivacyMITRE CorporationLearn more about CathyFollow the MITRE Corporation on Twitter: @MITREcorpLearn more about the MITRE Corporation This Episode’s PromosThe HIMSS Privacy & Security Forum is the nation’s leading event dedicated exclusively to healthcare privacy and security. These premier two-day conferences are held around the country and bring together hundreds of senior executives for thought leadership focused on solving some of the industry’s toughest challenges.  The HIMSS Privacy & Security Forum is designed to meet the needs of CIOs, CISOs and other senior health IT leaders. The information shared at the forum is practical, solutions-based and actionable – designed to help with planning, coordination and oversight. Each event offers the opportunity to learn of industry developments, network with peers, and discuss key topical issues. Topics covered include: cloud security; cybersecurity; HIPAA; identity & access management; incident response; medical device security; vendor management; and more.  The next HIMSS Privacy & Security Forum is scheduled for December 5th to the 7th at the Westin Boston Waterfront in Boston, Massachusetts.  Find more information about the upcoming HIMSS Privacy & Security Forum. 

Oct 13 2016
26 mins
Play

Rank #9: Episode #13: Educating a Cybersecurity Workforce the NICE Way

Podcast cover
Read more

If you are trying to figure out if you want to start or advance your career in cybersecurity, this podcast is for you.  Perhaps you are trying to figure out how to build a qualified security staff to protect your information.This podcast is for you.  Welcome to Code Red, the HIMSS security podcast.  In this episode, we speak with Rodney Peterson, Director of National Initiative for Cybersecurity Education at the US Department of Commerce.  NICE is all about security education, roles, and security specialties.  Whether you are a student learning the field, or an employer trying to write accurate job descriptions, this episode is for you.   This Episode’s GuestRodney PetersenDirector of National Initiative for Cybersecurity EducationNational Institute of Standards and TechnologyU.S. Department of CommerceConnect with Rodney

Feb 21 2018
19 mins
Play

Rank #10: Episode #11: How to Manage Effective Cybersecurity Solutions Partnerships

Podcast cover
Read more

What are the security threats your organization perceives to be most urgent to mitigate? Do you have the capabilities to implement those controls? Sometimes you need to go outside and bring in a third party to help. But what do you look for when searching for a vendor? How do you build a true partnership? Finally, is there still room for innovation in the security realm? That’s a lot of questions, and we’ve got the answers! On this episode of Code Red, you’ll hear from Patrick Streck, Senior Director IT at Baystate Healthcare. Our other guest is Aaron Miri, CIO and VP Government Relations at Imprivata. Patrick and Aaron talk about the way Baystate and Imprivata work together to address security issues. This episode is about the customer/vendor relationship, specific to the security space. While these are just two of many providers and security vendors, Patrick and Aaron were kind enough to share some great tips that worked for these two organizations; perhaps these will help you as well.  This Episode’s GuestsPatrick Streck, MBASenior Director, IT Baystate HealthcareLearn more about PatrickFollow Patrick on Twitter: @PatrickStreck Aaron Miri, MBAChief Information Officer Vice President, Government Relations ImprivataLearn more about AaronFollow Aaron on Twitter: @AaronMiri 

Nov 15 2017
29 mins
Play