The Path to Prioritizing Cybersecurity in Healthcare

Technology is only half the battle when it comes to cybersecurity measures for healthcare organizations. The remainder is awareness. Phil Alexander joins John Zuziak on today’s show to dig into common gaps in security awareness and their implications. Phil and John examine the elements of a successful security awareness program, including how to gain buy-in; setting goals; identifying wins; communicating progress and successes; and ultimately making security awareness a part of the organization’s culture.

This conversation features John Zuziak, director of the Security and IT Risk Management Practice for Change Healthcare, and Phil Alexander, CISO for North Mississippi Health Services.

Here’s what they report on:

  • The need to emphasize security awareness in healthcare
  • Tailoring security awareness training by job function
  • Topics to include in security awareness training
  • Gamifying security awareness
  • Making security awareness training work on a lean budget
  • Building a security awareness program from scratch
  • How to identify program goals
  • Ideal KPIs for success
  • How to win leadership buy-in for security awareness training
  • Communicating program success
  • Pitfalls to avoid
  • Proof security awareness can succeed in healthcare

Episode Resources

  1. Phil Alexander’s bio
  2. John Zuziak’s bio
  3. SOC II + HITRUST: How These Audits Will Improve your Organization
  4. Vendor-Independent Healthcare Consulting
  5. Change Healthcare Consulting Services
  6. Change Healthcare Industry Insights
  7. COVID-19 Updates and Resources
  8. COVID-19 Updates Newsletter
  9. Change Healthcare Insights Newsletter

Show Resources