Cloud Security , Governance & Risk Management , Healthcare

A CISO Offers Tips on IT Resiliency

Anahi Santiago of ChristianaCare on Maximizing Value
Anahi Santiago, CISO, ChristianaCare

With healthcare being the frequent target of ransomware assaults and other cyberattacks, CISOs must devise ways to improve their organizations' IT resiliency while maximizing value, says Anahi Santiago, CISO at ChristianaCare, a Wilmington, Delaware-based healthcare system.

See Also: Live Discussion | Securing Business Growth: The Road to 24/7 Threat Detection and Response

"When we talk about cyber resiliency, we're not just talking about sound security controls, but our ability to operate in the face of adversity," she says in a video interview with Information Security Media Group.

To help maximize the value of security investments and resources, Santiago suggests healthcare entities take steps to reduce technology complexity "while maintaining the right level of security."

For instance, Santiago's organization over the last two years has been fine-tuning its portfolio of security tools, reducing the number of overlapping or duplicative solutions used for a particular layer of the security stack when there are integrated platforms that can be leveraged instead.

ChristianaCare has consolidated platforms in areas including data loss prevention and web security gateways, says Santiago, who is a speaker at the Healthcare Information and Management Systems Society 2021 conference in Las Vegas this week.

Making such moves enables the organization to ensure "that our operational analysts aren't having to manage multiple platforms, which creates more work and complexity than necessary."

In the video interview, Santiago also discusses:

As ChristianaCare's CISO, Santiago provides strategic direction and oversight for a comprehensive security program, policy development, standards and controls implementation, training and awareness, regular risk assessment and mitigation, and partnerships with internal and external auditors. Previously, she served in a similar role at Albert Einstein Healthcare Network.


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.