Gerry Blass, President & CEO, ComplyAssistant
Robert Babin, Director of Strategic Initiatives and CISO, St. Peters Healthcare System
Paul Garrin, CIO, Urban Health Plan
Jason Tahaney, Director of Technology, Community Options
As cybersecurity threats continue to wreak havoc on companies of all sizes, education and training for leaders is critical. In partnership with HFMA New Jersey, our team hosted a free, comprehensive webinar with health information technology (HIT) leaders from three of the top healthcare organizations located in New York and New Jersey. The discussion focused on internal and external cybersecurity risks and identified new risks directly resulting from the COVID-19 pandemic.
The lineup of speakers included:
- Robert Babin, Director of Strategic Initiatives and CISO at St. Peters Healthcare System in New Brunswick, NJ. Babin has 35+ years of experience in the manufacturing, financial and healthcare technology industries, serving in various leadership and management roles that include director, senior vice president and C-level.
- Paul Garrin, CIO at Urban Health Plan in the Bronx, NY. Paul has 30+ years of accumulated experience in the financial and healthcare technologies space, serving in various management roles including C-level and vice president. Paul’s focus has been on information technology for medium to large ambulatory, hospital and healthcare systems.
- Jason Tahaney, Director of Information Technology for Community Options Inc. Tahaney has been in the information technology field for 20+ years. During that time, he contributed to the design of several HIT solutions that have stood the test of time and helped organizations succeed.
- Gerry Blass, Founder and CEO of ComplyAssistant in Colts Neck, NJ. Blass formerly served as CISO for Meridian Health in New Jersey and founded ComplyAssistant in 2002. Using the lessons learned from his years as a CISO, Blass worked with his team to create a structured, automated governance, risk and compliance (GRC) tool that benefits over 100 healthcare organizations around the country.
Throughout the webinar, the panelists spoke about the three types of attacks threatening organizations today: ransomware, phishing and distributed denial of service (DDoS).
- Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. A recent example of a ransomware attack in the news is Colonial Pipeline, where hackers were paid nearly $5M in ransom.
- Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. A recent statistic from the ONC Annual Phishing Report shows that 59% of the phishing attempts took the form of credential theft.
- Distributed Denial of Service (DDoS) attacks occur when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web services. The 2020 Threat Intelligence Report found that the first half of 2020 saw over 4.8M DDoS attacks.
In response to increased cyberattacks in the wake of COVID, the webinar presents best practices that the panelists have implemented at their organizations. Here are five tips to consider:
- Map out your external threats and internal vulnerabilities
- Perform a business impact analysis (BIA)
- Establish monitoring mechanisms
- Create playbooks A, B and C ready for team execution
- Train your teams and other organizational members
To watch the full webinar and learn how to keep your company safe from the unexpected, check out this link.