Presentation is loading. Please wait.

Presentation is loading. Please wait.

2014 Leadership Lunch & Learn Series “SECURITY FROM THE TOP DOWN”

Similar presentations

Presentation on theme: "2014 Leadership Lunch & Learn Series “SECURITY FROM THE TOP DOWN”"— Presentation transcript:

1 2014 Leadership Lunch & Learn Series “SECURITY FROM THE TOP DOWN”

2 The Series Purpose ◦Provide leaders with the knowledge and resources to protect themselves, their staff, and our patient data resources ◦Provide invitation to security (reverse a wrong) Content ◦Topics and discussions will be different each quarter. ◦Q1 will be Awareness Education & Training information Dates ◦February 2014 ◦April 2014 ◦August 2014 ◦November 2014

3 Facts The average economic impact of a data breach over the past two years for the responding healthcare organizations $2.4 million 2.5 percent of U.S. households with children under age 18 experienced child identity fraud 1/40 Children 1 in 4 consumers that received a data breach letter became a victim of identity fraud, which is the highest rate since 2010 1/4 Adults

4 Fantasy Land Regional Medical Center (RMC) ◦Cutting edge technology ◦BYOD ◦Diverse staff ◦Security - “Not my job” The Breach ◦Credit Card Data (PCI) ◦Patient Data (PHI) ◦Staff records (PII) The Result ◦Drop in admissions due to community mistrust ◦Loss in productivity due to employee PII cleanup ◦Financial losses

5  Hospital Hacked, Notifies 43K Patients  Froedtert Health in Milwaukee  Hacked Washington Hospital Hit By $1.03 Million Cyberheist  Moved an estimated $1.03 million out of the hospital’s payroll account into 96 different bank accounts mostly at banks in the Midwest & East Coast.  Server hacked at OSU Hospital  PII stolen  Ohio State University Medical Center  New Bug Threatens Hospital Systems  Kaspersky Security Analyst Summit  Heating and cooling systems, elevators and alarm system  Hacked within 25 seconds  Extortionists or disgruntled employees  Anonymous Attacks Oxford University  Anonymous’ campaign to attack networks affiliated with Gov  Device Manufacturers Must Fix Cyber Risks Now  Department of Homeland Security (DHS) issued warning  300 medical devices from about 40 vendors vulnerable This Is Rare, Right?  Edward Snowden  NSA  Social Engineered fellow workers  Indiana University Hospital Hacked  Virus discovered on server  PII Stolen

6 UMC Reality (Q1/2014) Denial of Service (CAT 2) ◦HIM Take Down (3 Serv, 10 wkstations) ◦Expiro Virus Social Engineering ◦Patient’s Room ◦SWCC Copier/Printer Potential Data Loss ◦USB Thumb Drive in Pediatrics Trash Computer Infection ◦ “Oh that system? Yea we don’t use it. It has issues.”

7 Cyber Security Threat Brief Q1 Full Q1 report in handout Page 5 – OTA HIPAA Breach Report ◦89% could have been prevented ◦29% Social Engineering ◦76% weak or stolen account credentials Page 9 – UMC Health System Departments Affected in Q1 Page 12 – Q2 Threat = “Perfect Storm” Page 13 – OCR Findings = 60% IT Security

8 What You Can Do Evangelize Security

9 What If? 4 Tools provide complete PC protection - FREE 1 Step to 60% Reduction in Infection Automated updates and patches Multiple Strong Passwords - never remember them Protect Your Childs identity - FREE 1 Tool protects all data – never hacked

10 2014 Awareness & Training Program Knowledge is power! Make it fun, engaging, and useful for people and they’ll do it Invitation to join the security industry NSA Encryption example ◦Employees training each other Opportunities ◦Phish Market Blog ◦Leadership L&L ◦Cyber Security Week (Oct) ◦Departmental Education ◦Phishing Tournament



13 Awareness Recognition Natalie Bradshaw– BICU

14 Awareness Recognition Tracy Green – Nursing Support Services (Potential Data loss –USB) Joanne Smith – SWCC (Thwarted Hacker)

15 More Giveaways “Cyber Safe” ◦Child Internet Safety Book ◦Published by the American Academy of Pediatrics Kangaru USB Thumb drive NSA Approved Write Protect Switch Loaded with Free Security software

16 Free Tips & Tools See our website for recommended security tools and tips ◦AV ◦Firewalls ◦Cleaning Tools ◦Password Managers ◦Review Request ◦Education and more….

17 Who Is IT Security? Ivan, Teresa, Brandon Chis, Bill Terri Fallin HD, Desktop Support Sys Admins Network Admins IT Analytics IDM Support Team


Download ppt "2014 Leadership Lunch & Learn Series “SECURITY FROM THE TOP DOWN”"

Similar presentations

Ads by Google