The Maturity Paradigm

In healthcare we have an insatiable appetite to adopt new technology

Should we be worried

About state-sponsored attacks against hospitals?

Security and the Board Need to Speak the Same Language

How security leaders speak to thier C-Suite and Board can make all the difference

Who'd want to be a CISO?

Challenging job, but increasingly well paid

Medical Tourism - Growing in Popularity

Safe, fun, and much, MUCH more cost-effecitive

The Changing Face of the Security Leader

The role is changing, but what does the future hold?

Cyber Risk Insurance Won't Save Your Reputation

Be careful what you purchase and for what reason

Unsecured Endpoints in the Hospital Environment



Unsecured Endpoints in the Hospital Environment - Securing IOT and Medical Devices

Medical devices are growing by an estimated 20% per annum the world over, as are other IOT devices that control critical infrastructure in our hospitals. Yet, most cannot be secured by traditional endpoint computer means due to a combination of device limitation and regulation. Nor can most be patched and updated against known security vulnerabilities. At the same time, formerly isolated networks have converged to support digital transformation of healthcare, thus increasing risks exponentially for both the clinical business and biomedical networks used to treat patients.

How then do we go about "securing the un-securable" using the tools at our disposal to protect patients, their data and hospital systems from attack and ransom?

Richard Staynings
Richard Staynings
Craig Williams
Craig Williams
















This is the subject of a recent presentation given to the HIMSS Healthcare Cybersecurity Community by Richard Staynings, Cisco’s Cybersecurity Leader for the Healthcare Life Sciences Industry, and Craig Williams, Technical Outreach Leader at Cisco Talos.

In their presentation, Richard and Craig discuss what the future may hold for targeted attacks against hospital IOT and medical devices, and what healthcare technology and security leaders should consider doing to protect them.




Watch the WebEx recording here.

View the slides here.



BC Aware

Richard Staynings
ISACA BC Aware Privacy and Security Conference. Photo: Justin Malczewski.
The 'BC Aware Privacy and Security in Healthcare Conference' took place today at the Vancouver General Hospital in Vancouver, Canada. Richard Staynings, Cisco's Global Cybersecurity Leader for the Healthcare Industry kicked off the conference sharing trends and industry intelligence along with recent innovations to aid in securing hospitals, universities and standalone clinical research establishments.

Richard was joined by Drew McArthur, Information and Privacy Commissioner for British Columbia, and by Oliver Gruter-Andrew, Chief Information Officer for Provincial Health Services Authority, Providence Health Care, and Vancouver Coastal Health.

Richard Staynings addresses the audience at BC Aware
Richard Staynings addresses the audience at BC Aware. Photo: Justin Malczewski.
Presentations and discussion centered around the need for improved privacy and security across all aspects of healthcare, improved regulation and enforcement of privacy laws, and the need for holistic security, to include IoT and medical devices in hospitals and medical centers.

Oliver Gruter-Andrew and Richard Staynings conduct a Q&A at the BC Aware Privacy and Security Conference
Oliver Gruter-Andrew and Richard Staynings conduct a Q&A with attendees. Photo: Justin Malczewski.




Many thanks to my fellow speakers for sharing their insights and for attendees for braving the snow. Thanks also to the Vancouver ISACA chapter for hosting such a well run event.