TechTarget interviewed Bruce Forman, CISO of UMass Memorial Health Care, after his presentation at SecureWorld Boston 2019, entitled "Leadership and Driving Change within the Organization."
A successful cybersecurity strategy requires more than a solid security team; it also needs clear communication and the right governance processes.
Board and executive buy-in, a security budget and a solid security team are critically important success factors for building a strong cybersecurity strategy within an organization, but they are not enough for long-term success, said Bruce Forman, CISO at UMass Memorial Health Care, a three-hospital health system based in Worcester, Mass.
Cybersecurity strategies aren't static. And to drive changes to the strategy home, Forman recommended that healthcare CIOs and CISOs integrate four additional features into their strategies: governance, prioritization, communication and socialization. These four tools will help healthcare organizations better adapt to changes in a cybersecurity strategy, while limiting risk within an organization, he said during his talk at SecureWorld.