Creating a Comprehensive Incident Detection, Response Plan
November 9th, 2017 1:00PM EDT
Risk-based, enterprise-wide information security programs are becoming more critical for providers as cybersecurity threats continue to evolve and grow more sophisticated. Prevention, mitigation, and detection are crucial, but what happens in the event of a data security incident or a real healthcare data breach? How should entities prepare for the worst-case scenario?
Erring on the side of caution has led organizations to embrace the increasingly popular opinion, “not a matter of if, but when,” and prepare for the eventuality of a breach. HIPAA-covered entities can have the right technologies in place (e.g., firewalls, antivirus detection) and do their due diligence by conducting regular employee training sessions on recognizing potential threats. But do they have the necessary processes and procedures in place for what happens after a cybersecurity attack?
Healthcare organizations need to complement their preventative efforts with incident detection and response capabilities, while ensuring they remain HIPAA compliant in the process. In this webcast, listeners will learn best practices for building the right incident detection and response program. Attendees will hear about the following:
The current threat landscape: how breaches are happening, who is attacking, what information is being sought after?
Role of risk assessments in the response process
The difference between detection and response – why healthcare organizations need both
Review of laws and regulations (e.g., HIPAA, HITECH) and other requirements or frameworks (e.g., NIST, ISO 27001)
Importance of collaboration and information in building cybersecurity measures
Sponsored by: Rapid7
Rapid7 (NASDAQ:RPD) is trusted by IT and security professionals around the world to manage risk, simplify modern IT complexity, and drive innovation. Rapid7 analytics transform today’s vast amounts of security and IT data into the answers needed to securely develop and operate sophisticated IT networks and applications. Rapid7 research, technology, and services drive vulnerability management, penetration testing, application security, incident detection and response, and log management for more than 6,300 organizations across more than 120 countries, including 39% of the Fortune 1000. To learn more about Rapid7 or join our threat research, visit www.rapid7.com
Tufts Medical Center
Taylor Lehmann is the Chief Information Security Officer at Wellforce, a large, integrated hospital system in Eastern MA comprised of Tufts Medical Center, Circle Health and Hallmark Health. Taylor has been working in information security, privacy and risk for nearly 20 years, with the goals of driving real, measurable results for organizations who need help overcoming cybersecurity issues and building resilient organizations that have the skills and capabilities to adjust to change quickly. Taylor has worked directly with financial services, private equity and venture capitalists, and other organizations and industries, to secure digital goods. He is also known for his work in healthcare and is very active in the community, sitting on a number of advisory boards and industry councils, which focus on standardizing cybersecurity programs and bringing new software and security products to market.