Governance & Risk Management , Healthcare , Industry Specific
Assessing Cyber Risk, Maturity in Healthcare M&As
Jigar Kadakia, CISO of Mass General Brigham, on Top Challenges Facing the SectorWhen healthcare organizations come together through mergers or acquisitions, it is critical for the entities to carefully and thoroughly assess the cyber risk each poses, as well as its level of cyber maturity, says Jigar Kadakia, CISO and privacy officer of Mass General Brigham, formerly known as Partners HealthCare.
"There are often different levels of cybersecurity maturity. Trying to consolidate that maturity and the determination of risk factors between the two organizations is among the most important things," says Kadakia in an interview with Information Security Media Group during a recent HIMSS cyber forum in Boston.
Also, "understanding the technology debt and the technology platforms of the two companies and the path forward is among the most important with the merger and acquisition, and to reduce cyber risk overall," says Kadakia, who leads cybersecurity at Mass General Brigham.
The Boston-based, Harvard-affiliated integrated healthcare delivery system has grown significantly through a number of acquisitions and mergers involving other New England-based hospitals and healthcare entities over the years. They include the 1994 merger of Massachusetts General Hospital and Brigham and Women's Hospital, two of Boston's oldest academic medical centers.
In the interview (see audio link below photo), Kadakia also discusses:
- Cloud vendor security considerations;
- Managing third-party cyber risk;
- Top cyber challenges for healthcare in the year ahead.
Kadakia has served as vice president, CISO and privacy officer for Mass General Brigham, formerly Partner HealthCare, since 2014. He came into this role after spending more than 20 years consulting delivering, developing and managing privacy and cybersecurity implementations for large complex healthcare companies. Kadakia is also a managing board member of the Health Information Sharing and Analysis Center.