Being a CISO in healthcare has always been a difficult juggling act. That job has now evolved into juggling flaming swords. Protecting against cyber threats and maintaining business continuity has always been part of the job. However, now this has to be done across a landscape that includes new threats taking advantage of the crisis and targeted at those in crisis, as well as an attack surface that has expanded far beyond the normal workspace and is not safely behind an enterprise’s firewall on centrally managed and maintained devices.
The following checklist is not intended to be exhaustive nor will the timing suggested, or even the items listed, be appropriate in every environment or organization. However, it does represent the areas that today’s CISO does not want to let slip through the cracks while trying to securely adapt the organization to a new model in a fast-paced, ever-changing environment. It may represent many things that will have to be addressed as the demands of time and resources begin to return to some semblance of “normal” or at least routine.