new frontiers in privacy and security - nchica · 2018-06-07 · new threats need new approaches,...

New Frontiers in Privacy and Security


Proprietary and Confidential - Do Not Distribute

Agenda

• Discuss the rise of new classes of threats
• Provide a sense of what AI and big data can and can’t do
• New approaches to incident response
• Our 2025 technology predictions


New Threats

• Social media
• Explosion of new data sources and interconnections
• Multi-vector sophisticated actors


Social Media

A powerful tool for marketing, messaging, and engagement, but a huge new threat to Patient Privacy.


Tools to Resolve New Vectors

• EDUCATION: Storytelling and multiple methods of engagement
• MONITORING TECH: New platforms to review potential PHI breaches and monitor news
• PROCESS: Metrics, measurement and continuous feedback loops


Exponential Data

We are generating data and providing access to it at an exponential, rather than linear rate


Managing Exponential Data

• CULTURE CHANGE: Privacy and security integration, training and protocols
• AI EFFICIENCY: The same technologies fueling this explosion should be protecting us
• COMPREHENSIVE REVIEW: Use big data technologies to integrate review of ALL sources


New Actors

Healthcare is vulnerable to state-based, AI-enabled and/or new types of threats entirely.


Hack as a Service (Steady Threat)
Financially motivated, paid % of profit
• Cyber-crime as service (CAAS)
• Allows others to rent infrastructure for attacks, botnets, phishing tools and vulnerability scanning of targets

Organized Crime (Increasing Threat)
Financially motivated, ransomware for easy $$, data exfiltration for higher payoffs
• Aim to collect ransom, personal data, including medical records, credit cards and SSNs
• Structured and operated similar to start-ups, often with industry focus
• Efficient and profit focused
• Increasing level of sophistication

State Sponsored (Increasing Threat)
Research, espionage and sensitive proprietary information
• Highly-skilled and highly-persistent groups with unlimited resources
• Employ sophisticated and previously unknown methods (e.g., custom malware)
• Pursue and achieve specific objectives
• Maintain a low profile to cover their tracks and remain in the network for months, if not years

Hacktivists (Steady State Threat)
Motivated by social justice causes to seek to defame or damage an enterprise
• Unstructured coalitions of individuals that come together based on common cause
• Rely on social engineering techniques
• Employ less sophisticated attack methods due to resource limitations
• Engage armies of infected computers available in the dark web


Managing New Actors

• TECH-ENABLED EDUCATION: e.g., interactive phishing training/monitoring
• NEW TECHNOLOGY: Orchestration, analysis, and monitoring can leapfrog in healthcare
• REAL CONSEQUENCES: Three strikes rule for all individuals at health system


AI and Big Data

• What the heck are they?

• What can’t they do?

• How could they actually be helpful?


Breaking down the buzzwords

What are we talking about when we talk about big data, AI, machine learning, analytics, and more?

https://www.moogsoft.com/blog/aiops/understanding-machine-learning-aiops/


Limitations of These Technologies

Judgment, discretion, on-the-ground culture change, and leadership, as well as the nascent nature of these technologies. Toddlers, not Terminators.


So why use them?

Great for integration, automation, scale, and sector-specific context.


Whatever technologies you’re using, or threats you’re facing, what are the commonalities in every incident response plan?


Incident Handling Process

• Information Security Incident Policy
    • Definition
    • Incident Reporting
    • Incident Responsibility
• Information Security Incident Handling Procedure
    • Incident Discovery
    • Incident Investigation
    • Incident Documentation
• Breach Notification Run Book
    • Definition
    • Authority
    • Scenarios
    • Methods of Notice
    • Content of Notification


Major Incident Response

• Collaborative Cybersecurity Governance Process
• Communication Plan
• Senior Management Response Team Membership & Responsibilities
• Recovery Statements
• External Teams/Trusted Advisors


Recovery Statements

• Internal Communication (management, workforce)
• Trusted External Parties (legal, NDAs (non-disclosure agreements), contractors)
• Other External Parties (Business Associates, government agencies, vendors, media outlets)
• Internet Service Provider
• CMS Notification
• Owners of Attacking Systems
• Other Victims
• Directly Affected Vendors


Breach Notification Run Book

Incident Senior Management Group

Incident Management Team

• Communications
• Cyber Forensics
• Legal
• Risk Management
• Human Resources
• Health Plan/Benefits
• Regulatory/Compliance
• Finance
• Government Relations


Predictions for 2025

• Privacy/Security Integration

• Comprehensive Audit

• Sector-Specific Context


Privacy/Security Integration

Seeing a respect for these two swim lanes continue, but much greater operational integration, and measurable change.


Comprehensive Review with AI Efficiency

Deployment of models that continuously review and risk-stratify all accesses to data in real-time.


Sector-Specific Contextual AI

Moving away from square pegs and round holes into clinically-aware technologies designed for healthcare.


Key Take-Aways

• New threats need new approaches, both technologically and culturally
• AI is just another tool, albeit one possessed of tremendous strengths and weaknesses
• The key is augmenting and enhancing culture, human effort, and process, not replacing it


We’re entering an all-new world of threats, but both tried-and-true culture change and education, as well as artificial intelligence, provide a new fusion approach and show great promise.