Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management

Managing Chaos in Massive Healthcare Sector Cyberattacks

Bryan Chnowski, Deputy CISO at Nuvance Health, on Crisis Response
Managing Chaos in Massive Healthcare Sector Cyberattacks
Bryan Chnowski, Deputy CISO, Nuvance Health

The chaos experienced by thousands of healthcare organizations in the wake of the massive Change Healthcare cyberattack and IT outage in February is proof that most organizations are simply unprepared for such devastating cyber incidents, said Bryan Chnowski, deputy CISO at Nuvance Health.

"Organizations are simply not prepared for such large incidents," he said. The Change Healthcare outage affected the vast majority of healthcare providers in the U.S. - making the historic incident "tremendously impactful," he said.

"The lessons learned from this are to review your documentation, your incident response policy and plan, and your runbook so that you're better prepared for when the next major incident hits," he said.

In this interview with Information Security Media Group (see audio link below photo) at HealthSec Summit USA in Boston, Chnowski also discussed:

  • Steps his organization is taking to improve incident response, including undergoing a cybersecurity resiliency assessment;
  • Cybersecurity concerns involving medical devices, including legacy gear;
  • The latest AI tech developments.

Chnowski help lead security at Nuvance Health, which operates seven hospitals and more than 100 of other healthcare facilities in New York and Connecticut. He has more than 25 years of information security leadership experience across diverse industries such as education, finance, insurance and healthcare. He previously built and matured the information security program at Western Connecticut Health Network, where he was promoted to the role of CISO.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.