How to balance convenience of consumerism in healthcare security: Hospital for Special Surgery CISO Vikrant Arora
Becker’s Hospital Review interviews Vikrant Arora, chief information security officer (CISCO) at HSS, about the evolution of his role, and the trends in healthcare that affect his decision making process.
Arora explained, “My role has changed from being an 'advisor' responsible for a static program aligned with standard frameworks and architectures to that of a 'designer' developing a dynamic security program, mostly in the absence of frameworks (which are still being developed) and architectures that vary from application to application.” He added, “Additionally, these applications are being designed to be accessed from anywhere and any device. Securing such applications not only requires new technologies but also a new mindset to think in terms of actual risks instead of simply slapping on existing security controls. I see this continuing in the next 12 months, which will lead to an evolutionary change in security team structures, processes and capabilities.”
Arora cited, “In healthcare the regulatory, threat and business landscapes are all changing at the same time and at a fast pace. However, two things that bubble up for me, that will challenge CISOs the most are, interoperability and consumerization. The former will expose any hospital's dirty laundry (legacy systems, XP based biomedical devices etc.) to the internet (via cloud) as we strive to connect everything and collect data from every possible sensor, modality and database. This not only increases the attack surface but also increases the complexity of the digital ecosystem.”
Read the full article at Beckershospitalreview.com.