by Jon Hallgrimsson, VP of Information Technology and CISO
The SecureCISO Phoenix conference brings together InfoSec professionals from many industries, including banking, healthcare, and higher education. This invitation-only event is a valuable forum to discuss innovation for the enterprise, as well share insights and strategies around cyber threat protection.
Three areas of focus emerged as where future challenges lay:
- Artificial Intelligence (AI) Will Make Cybersecurity More Concerning
AI has been a buzzword in the tech world for years, but it’s now making significant inroads into cybersecurity. As a result, every leader in the room was thinking more deeply about what AI tools will mean for information security. One hot topic noted how hackers could use large language models like ChatGPT to automate and personalize phishing attacks, making them much harder for people to spot.
Such technology can make phishing attempts seem much more like a trusted person, even providing rational-sounding answers when someone responds to a possible phishing email. The solution to counter such a threat is multi-faceted and requires a combination of AI-enabled cybersecurity tools, and highly focused and responsive IT security teams.
- Employee Awareness Vital for Cybersecurity Success
Along with new tools, organizations must invest in cybersecurity awareness training for all employees, from top executives to front-line staff. As a panelist, I shared how Atlas is working to transform how our employees protect Protected Health Information (PHI).
We made cybersecurity awareness training and prevention a key part of our annual employee goals, and leveraged a training platform that integrates with our email system and provides regular phishing simulations that reflect the sophistication seen in the real world. The result has been a substantial shift in how the team members identify, report, and mitigate phishing attempts, both real and simulated. Atlas has become a trusted partner to Banner Health, Corewell Health, and MedAxiom in caring for their patients’ and physicians’ data.
- Technical Challenges Securing PHI in the Remote Working Environment
With the rise of remote work due to COVID-19, organizations are facing similar challenges when it comes to securing sensitive data outside their organizations. When working remotely, there are few controls in place to keep company secrets, patient information, or classified materials out of reach from family members and visitors.
There are many solid technical solutions with user-friendly and secure approaches, offered by the banking sector. Similar to healthcare, they also must adhere to strict regulations and prevent multimillion-dollar fraud. These solutions include virtual desktops on a secure network hosted in the cloud, which removes enterprise data from the home environment.
Cyber threats are constantly evolving, with new technologies being used for bad as well as for good. AI and remote work continue to shape the industry, and it will be crucial to stay up-to-date with the latest trends and technologies, and collaborate to develop effective solutions to stay ahead of the curve, so that healthcare can remain vigilant, so these threats don’t compromise how healthcare organizations operate and deliver care.