Governance & Risk Management , Government , Healthcare

HHS on Guard: Prioritizing Patient Data Security

CISO and Acting Deputy CIO La Monte Yarborough on Building a Culture of Security
La Monte Yarborough, CISO, acting deputy CIO, U.S. Department of Health and Human Services

The U.S. Department of Health and Human Services is actively enhancing its cybersecurity measures to protect sensitive health data. CISO and Acting Deputy CIO La Monte Yarborough outlined the measures HHS is taking to protect sensitive data and critical infrastructure amid rising threats.

See Also: Securing Healthcare: Minimizing Risk in an Ever-Changing Threat Landscape

HHS is implementing various strategies to fortify its internal environment and provide sector-wide capabilities, Yarborough said. One key program, he said, is the 405(d) Program - a collaborative effort between public and private sectors to strengthen the cybersecurity posture of healthcare organizations. Another major effort is the Healthcare Cybersecurity Coordination Center, which gathers and shares threat intelligence relevant to the healthcare sector to help it fortify defenses.

Healthcare providers' "core competency isn't necessarily cybersecurity," Yarborough said. "They also rely on external entities such as the government to help inform them of the types of measures they should be taking as it pertains to the risk landscape."

In this video interview with Information Security Media Group at the Fraud, Security and Risk Management Summit, Yarborough also discussed:

  • The importance of robust security mechanisms involving technology and skilled personnel;
  • The need for a cultural shift toward better cybersecurity practices;
  • Using the 405(d) Program to identify major threats.

Prior to joining HHS, Yarborough worked in various cybersecurity leadership roles, including CISO of the Department of Homeland Security and the Federal Emergency Management Agency. Prior to DHS, he was a consultant and spent more than 20 years in the U.S. Army, specializing in IT and cybersecurity.

About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.