By Nick Giannas
In an information age, the critical importance of information security is just becoming fully realized. The most vigilant organizations in the private and public sector are vulnerable to cyber-threats, as we have seen, and it is well known that healthcare data and information will be a target for hackers and other criminals in the future.
Not surprisingly, the position of healthcare Chief Information Security Officer has mushroomed in significance. It’s a true executive-level position, I recently told Rajiv Leventhal of Healthcare Informatics, for his excellent article, “In an Ever-Intensifying Threat Environment, Healthcare CISOs Become Part of the Bigger Picture.”
What I emphasized to Leventhal – and what we have been counseling our clients who recruit healthcare CISOs – is that the right candidate needs to be someone who can influence and shape the thinking of the entire organization, not just fix and ward off threats. The CISO must build a culture of data security, which requires an individual who has “soft skills such as being able to build a relationship, communicate effectively, and translating those cybersecurity concepts in a way that business leaders can understand.” The CISO has to be a trusted advisor to senior leadership and the board.
We are recruiting CISOs from within and outside healthcare. “The demand for qualified CISOs far exceeds the supply of top talent for these positions,” I told Leventhal. “There is a need to expand and look beyond healthcare to find top talent in other industries who can make a difference and who might be coming from much more secure information security environments. Now that’s not to say that there are not strong individuals in this space in healthcare—because there are—but there are just not enough.”
It’s important to note also that a CISO cannot do her or his job alone. On this note, allow me to recommend “How to Build a Strong Healthcare Information Security Team,” published by HealthITSecurity last year.
Look for healthcare CISOs to keep growing in importance, and competition for their services to remain stiff.
Nick Giannas is a consultant in Witt/Kieffer’s Information Technology practice.
Download our best practices resource: “Executive Succession and Transition in Healthcare.”