3rd Party Risk Management , Access Management , Business Continuity Management / Disaster Recovery
Why a Zero Trust Approach in Healthcare Is Becoming CriticalErik Decker, CISO of Intermountain Healthcare, Discusses Evolving Trends
Healthcare sector entities increasingly need to implement a zero trust approach with their security, says federal adviser Erik Decker, CISO of Intermountain Healthcare.
See Also: Rapid Digitization and Risk: A Roundtable Preview
"That is the future of where we are going within healthcare … Making sure that that is in your plans is important," he says in an interview with Information Security Media Group.
"Zero trust is more of a philosophy than anything else - it's an integration of a lot of different architecture and systems … that have to work in concert with each other," says Decker, who is a speaker at the Healthcare Information Management and Systems Society 2022 conference taking place in Orlando, Florida on March 14-18.
Vital components for bolstering ID and access management in healthcare include multifactor authentication and "on the fly" dynamic identity proofing, he says.
He also says building user profiles for what is considered to be "normal access" for individual users is becoming essential.
In the video interview, Decker also discusses:
- Potential cybersecurity implications and incident response considerations pertaining to the Ukraine-Russia war on the healthcare sector;
- Evolving cybercrime threats and other worrisome concerns facing healthcare;
- Where healthcare cybersecurity is headed post-pandemic.
Decker is the CISO for Intermountain Healthcare, a multistate integrated delivery network based in Salt Lake City, Utah. He is currently co-leader of an HHS task group of more than 250 industry and government experts across the country for implementing the Cybersecurity Act of 2015, 405D legislation within the healthcare sector. Decker was previously CISO and chief privacy officer at the University of Chicago Medicine.