Ought to CIOs and CISOs Put on One Hat?
CISO Trainings
,
Healthcare
,
Industry Specific
Essen Well being Care’s Hiren Dave Makes the Case for Integration of CIO-CISO Roles
The role of a CIO in the healthcare sector is evolving as security leaders take on additional responsibilities of managing cybersecurity in response to shifting business needs and expanding threat surface. “With essential skills such as risk management, strategic thinking, leadership and aligning technology with business goals, CIOs are also well-positioned to handle the role of a CISO effectively,” said Hiren Dave, CIO and CISO at Essen Health Care.
See Also: Live Webinar | Building a More Resilient Healthcare Enterprise and Ecosystem
At Essen Well being Care, which gives medical providers to underserved sufferers in New York Metropolis, Dave exemplifies this twin position by way of modernizing the group’s legacy infrastructure right into a scalable, safe IT setting with centralized administration, in addition to establishing a strong cybersecurity technique. This consists of deploying an XDR system and implementing insurance policies, procedures and controls based mostly on SOC 2, HIPAA and HITRUST requirements.
“The twin accountability permits me to deal with enterprise wants comprehensively by assessing options for feasibility, operational alignment and safety,” Dave mentioned. “Whereas it is a important accountability, it gives reassurance that each our technological and safety necessities are completely managed.”
On this video interview with Data Safety Media Group, Dave additionally mentioned:
- Guaranteeing the privateness and safety of affected person information by way of third-party distributors;
- The ripple impact of the Change Healthcare breach and classes realized;
- How Essen Well being Care is getting ready to implement the NIST Cybersecurity Framework 2.0.
Dave has been instrumental in executing Essen Well being Care’s imaginative and prescient, mission and progress technique. He oversees all facets of IT operations, together with group administration, IT budgeting and the procurement, deployment, monitoring and upkeep of enterprise expertise.