Tasman Global: A Reflection on HIMSS 2018

By Randy Rose, Director of Cybersecurity, Tasman Global

By Randy Rose, Director of Cybersecurity, Tasman Global

Happy Spring! It’s hard to believe it’s already Spring and already a quarter of the way through the New Year. Tasman Cybersecurity has already had a productive year creating new partnerships, scoping mission areas for customers, and designing new eLearning solutions for healthcare providers focused on improving cybersecurity at all levels within their organizations.

In early March, we attended HIMSS ’18 in Las Vegas. It was my first time at a HIMSS conference and I was amazed—and even quite overwhelmed—at the breadth, size, and sheer amount of technology solutions marketed at the event. It was too much for me, and having been in the fields of Information Technology and Cybersecurity for nearly 20 years—I can’t imagine what impact the same spectacle had on those who are new to the field!

But more than the gigantic banners filled with tech buzzwords, interactive displays, and free vendor swag, I was most surprised by the content of most of the cybersecurity presentations. Unfortunately, it was not a pleasant surprise.

As I mentioned above, I have been in this sector for a long time, and it shocked me that the bulk of the presentations were about topics that we, as a community, were discussing at similar conferences 15 or more years ago. I was left thinking: Has so little changed in 2 decades? How are healthcare providers still operating without basic understanding of cyber risks? How can they function without solid business continuity plans, asset inventories, and established security policies, not to mention coverage over the more fringe areas like workforce development, identity management, and data loss prevention?

At one point, a presenter mentioned the significance of conducting regular audits to determine whether your organization is maintaining compliance, meeting regulatory requirements, and ensuring the effectiveness of established controls, and at least a half dozen different people seated around me turned to colleague and asked if their organization conducts audits. Most healthcare representatives I spoke with did not even know if their organizations had a Chief Executive responsible for cybersecurity, such as a Chief Information Security Officer!

It’s not all bad, of course. There were several presenters from within the community that shared their lessons learned from their own experiences building security in their organizations. Some of the lessons learned included items close to my own heart, such as leading through trust and delegation rather than micromanagement, focusing on people over technology, and capitalizing on crisis.

We’re the most targeted and most breached sector. We experience higher customer turnover related to information breaches compared to all other sectors. The average cost of breaches of health information is growing. Millions of patient records are compromised every year. And our data is amongst the most valuable on the black market. And yet, I have hope for this sector. Executive leaders in healthcare recognize that cybersecurity is a priority. We’re going to see rapid change in the right direction in a very short span of time. And we’re going to become leaders in information protection in ways that we cannot even fathom today.

We at Tasman Global are ready to help lead that change. Our mission is to enhance the cybersecurity landscape for all patients around the world through customized, risk-based, and strategic solutions. Regardless of where you are on your journey, we can help you navigate. Let Tasman Global be your compass.

“It takes 20 years to build a reputation and few minutes of cyber incident to ruin it.” ― Stephane Nappo