Cybersecurity Expert from Defense Weighs in on Healthcare's Opportunities

Stay up to date on our latest blogs and content


By CereCore | May 3, 2024

4 minute read EHR/EMR| Blog| IT Advisory| IT Strategy

Cyber criminals only have to be right once to wreak havoc. In healthcare, we have to be right 100% of the time to manage the risk of cyberattack. In a recent interview on the CereCore Podcast, Phil Sobol, Vice President of Business Development talked to Darcy Corcoran, Principal for Cybersecurity Advisory Services about the cybersecurity must haves and the often-overlooked aspects of considering AI use cases in healthcare. Darcy employs her extensive background in the Department of Defense and work with NATO and the Pentagon to inform organization-specific tactics and industry best practices offering thoughts on cybersecurity in healthcare through lens of extensive cybersecurity background in defense.  


Cybersecurity must haves 

As for the must haves, Darcy maintains it’s important for an organization to define a clear, strategic vision and to empower technology organizations and their partners to build a plan that aligns with that strategy and defends it. Ultimately, everything a security organization does should align to that strategy, so the vision is executed every day. Leaders have an important role in defining the vision and ensuring the execution. 

Patients need to trust and have reasonable assurance that healthcare technology is going to keep their data safe and private. And at the same time, physicians need to know data is reliable, secure, and resilient. For healthcare’s cybersecurity teams this means making a malicious act on their organization so cost prohibitive that they move on to find a softer target. 

Threat intelligence is an important factor in determining cybersecurity strategy, and a lot of general threat intelligence information today lacks the perspective of your organization’s attractiveness to malicious actors. Healthcare organizations need to be able to provide context to their threat intelligence thread and then draw a line to where it should be incorporated into your defense strategy. Reactive network defense strategies focus on fortifications, and boundaries and react in similar fashion to all of the detected threats. That's not only an expensive proposition, it's exhausting, and it just might not even be as effective as an informed defense posture with context of the threats.  

A fundamental shift in focus for cybersecurity 

In fact, according to Darcy, a fundamental shift is needed from hyper focus on managing governance, risk, and compliance (GRC) duties to an organized common operational picture that integrates everything into a concerted operational view to defend against persistent, sophisticated, competent criminal enterprise. 

To that end, these are three areas to consider: 

  • Contextualized threat intelligence: unbiased review and understanding of your organization’s threat surface in detail to inform priorities and resources for necessary impact
  • Reduced unintended consequences: modernizations (such as moving to the cloud and using AI) increase vulnerabilities and change an organization’s risk profile  
  • Commitment to compliance and regulatory baselines: regularly performed gap assessments are key to identifying and addressing potential vulnerabilities in an environment that changes daily 

AI considerations leaders may overlook 

AI has made some incredible advances in expanding the effectiveness of primary care providers, streamlining access to care, and helping to address burnout. It’s time, if you haven’t, to embrace the change AI brings. The biggest risk AI poses to an organization is when there’s a lack of understanding about how the technology works. Consider these: 

  • The data AI ingests and analyzes: What does it know? What doesn’t it know? How will you depend on it? How will you validate what it produces? What does it share? Where does it share it? 
  • Operational protocols for AI: Is AI for internal use and/or external? What do the quality control and maintenance processes look like? Is it talking back to a foreign country? Does it take data samples? If so, where do the samples go?  

In cybersecurity, we always try to balance the equities of the operational needs against things like data quality, privacy, security, and ethics. As we try to balance all those equities, we can’t have a denial of service internally because our policies are so strict that nobody can do anything. But at the same time, we must do our best to protect the very important things that we are charged with protecting.  

Get started with a cybersecurity assessment for your organization.  

For more on Cybersecurity Advisory Services, check out these resources.  

Download more podcast episodes

Hear perspectives from other healthcare leaders on The CereCore Podcast:

When Healthcare's Toughest Problems Need an Outsider's Perspective

Kim Waters, Principal Consultant of Revenue Cycle at CereCore


Why EHR Optimization Is Worth The Effort And Budget

Bob Gronberg, Assistant Vice President of MEDITECH Professional Services; John Walsh, Manager of MEDITECH Professional Services; and Stephanie Murray, Senior Director of Epic Services at CereCore


Rolling Out EHRs in the Rural Setting: An Expert Guide

Ismelda Garza, CIO at Cuero Regional Hospital and Senior Consultant at CereCore


Fostering a Culture of Innovation and Growth

Shahzad Fakhar, Vice President Field Operations – Information Technology Group at HCA Healthcare


How to Bridge the Great Divide Between IT and Physicians

Dr. Charles Bell, Physician Advisor at CereCore


Rural Healthcare: A CEO's Take on Advocacy, Tech and More

Lynn Falcone, Chief Executive Officer at Cuero Regional Hospital


EHR Optimization: How to Keep Improving After Go Live

Cory Lane, Director of Operations at OakLeaf Surgical Hospital


Liverpool Women's CIO on the EPR Implementation Journey

Matt Connor, Chief Information Officer at Liverpool Women's NHS Foundation Trust


A CEO's Experience: What an EHR Technology Change Really Needs for Success

Anne Hargrave-Thomas, Chief Executive Officer at OakLeaf Surgical Hospital and Vice President of Operations at Surgery Partners


The Promise of Technology and On-the-Go Patient Care

Kevin McDonald, Chief Information Officer at HCA Healthcare’s South Atlantic division


Healthcare CIO Advice on Leading Through the Complexities of Change

Al Smith, Senior Vice President and Chief Information Officer at Lifepoint Health


Big Healthcare IT Transitions Deliver ROI and Physician Satisfaction

Richard “Rick” Keller, Senior Vice President and Chief Information Officer at Ardent Health Services 


A Physician’s Perspective: Bridging the EHR, Healthcare IT, and the PAC

L. Austin Fredrickson, MD, Board Certified, General Internist at Salem Regional Medical Center 


A Look Back: Decisions that Led to a Unified EHR with MEDITECH Expanse

Thomas Kurtz, Ph.D., Chief Administrative Officer at Memorial Healthcare 


Scaling an IT Department to Support Growth (and Why Managed Services Makes Sense)

Varun Gadhok, Chief Information Officer at Surgery Partners


Like what you heard?

Don't miss an episode of insights from healthcare IT leaders and experts. Subscribe to the podcast on Spotify or Google Play. Share what you've learned with your network, too.

About the Author:

CereCore® provides IT services that make it easier for you to

Put Us to Work

Let us know how we can support your initiatives and take some of the heavy lifting from healthcare IT.