Approaching Security with a 'Business Enablement' ObjectiveTaylor Lehmann of Google Cloud on Maturing Healthcare Cybersecurity
Many healthcare sector organizations would raise their security maturity levels if more CISOs and their teams approached security with business enablement as the objective, says Taylor Lehmann, director for the office of the CISO at Google Cloud.
"I think if we shift to security strategies that focus first on business enablement and truly have goals set in business outcomes, organizations, I think, in many cases … will have more success … and increasingly more mature security programs," he says in a video interview with Information Security Media Group.
"It's about reducing, and in some cases eliminating, unnecessary controls or guardrails that slow down deployments of new initiatives, but don't provide any real value," he says. "Data-driven risk management is the maturity I'd like to see, and where I think high-performing systems are starting to go."
In the interview, Lehmann also discusses:
- Other suggestions to healthcare CISOs for improving security efforts in their organizations;
- Zero trust architectures in healthcare environments;
- Top healthcare sector cybersecurity trends and challenges.
Lehmann is a director for the Office of the CISO at Google Cloud, where he advises Google Cloud customers on adopting a high security bar without compromise or unnecessary friction. Lehmann is an experienced CISO whose past work involved securing global healthcare organizations. He has held CISO roles for hospitals, health insurance, health IT organizations, and global banks.