With cyber security breaches becoming an ever-growing issue for health care companies, the Nashville Health Care Council welcomed a panel of experts to discuss strategies for preventing such attacks. Though data invasions can be disastrous for health care organizations, the industry has so far struggled to put processes into place that will effectively reduce the negative consequences of cyber crime.
The discussion was moderated by Kerry McDermott, vice president, public policy and communications, Center for Medical Interoperability; and featured panelists Samar Ali, attorney, Bass, Berry & Sims and former White House Fellow; Paul Connelly, vice president and chief information security officer, HCA, and former chief information officer, the White House; Noah Kroloff, principal and co-founder, GSIS, and former chief of staff, U.S. Department of Homeland Security; and Mark Sullivan, principal and co-founder, GSIS, and former director, U.S. Secret Service.
View more event photos on Flickr.
Photo credit: (c) 2016, Donn Jones.
The conversation explored the current and emerging threat landscape, identifying the “bad actors,” which include international terrorists and nations infiltrating American entities, hackers who feel they are exposing data to protect public interests, and criminals who are looking for financial gain. The panelists agreed that the government has a role in data security to some extent, but that, in large part, effective security rests with the private sector.
“It’s not lost on the government that this is a huge challenge, one of the biggest threats we have. The government does realize they need to support you and be in a partnership with you, but that’s not going to be the silver bullet,” Sullivan said. “We all have to individually protect ourselves. It’s a technology challenge, but it’s also a people challenge and a leadership challenge.”
“Cyber is both a security issue and a philosophical issue. It’s both about how we are protecting our institutions, and how we are doing business. This is not going to be static; this is going to change every single day, every single week, every single month, every single year. We as a nation are going to need to evolve at the same speed as the evolution of the threat,” Kroloff said.
Speaking to the room full of top health care executives, the experts stressed the need for organizations to have a detailed action plan around security breaches, and the importance of addressing threats from a comprehensive team perspective, not just from the IT department. They emphasized that dramatic changes will need to occur within organizations to effectively protect themselves.
“No matter what your job is, cyber security is your job too. As leaders, you set the tone. If your staff thinks this is important to you, it will become important to them,” Connelly said. “If we can make our employees savvy on how they use technology, not only will they protect themselves but they’ll carry it forward with them in their job as well.”
When it comes to cyber security, much is at stake for the health care industry and the country as a whole.
“Cyber-terror is what keeps me up at night. A primary goal of terrorism is to cause chaos, but I think it’s also to create fear amongst you and your neighbors, to create fear of the unknown. People who are trying to cause terror know that America’s optimism and unity is what sets us apart as a country and they want to unravel that by creating fear amongst us,” said Ali. “The answer for cyber security is actually in this room, and amongst all those living in America. It’s a cultural shift and we have to take the responsibility of how we are sharing our information. The answer to defending ourselves from a cyber attack starts with each one of us.”
“The Council presents content that will help our members understand the most pressing issues that our industry faces, so that they can make informed business decisions,” said Hayley Hovious, president of the Nashville Health Care Council. “We are pleased to offer this discussion today, and hope that each of our members walked away with a better understanding of the challenges and solutions that our business faces in cyber security.”
Today’s program was presented by BlueCross BlueShield of Tennessee. Supporting sponsors were Bass, Berry & Sims, Cressey & Company, KPMG, and LifePoint Health.
About the Nashville Health Care Council
The Nashville Health Care Council is a premier association of health care industry leaders working together to further establish Nashville’s position as the nation’s health care industry capital. Supported by nearly 300 corporate members, including local and national health care companies, the Council serves as a trusted source for information on trends that influence the health care industry. The organization provides members with one-of-a-kind networking opportunities and access to Nashville’s elite health care business community.
Worldwide, Nashville’s health care industry generates more than 500,000 jobs and $78 billion in annual revenue. The industry is Nashville’s largest and fastest-growing employer. For more information on the Council, please visit www.healthcarecouncil.com.