CISO Trainings , Healthcare , Industry Specific
Should CIOs and CISOs Wear One Hat?
Essen Health Care's Hiren Dave Makes the Case for Integration of CIO-CISO RolesThe role of a CIO in the healthcare sector is evolving as security leaders take on additional responsibilities of managing cybersecurity in response to shifting business needs and expanding threat surface. "With essential skills such as risk management, strategic thinking, leadership and aligning technology with business goals, CIOs are also well-positioned to handle the role of a CISO effectively," said Hiren Dave, CIO and CISO at Essen Health Care.
See Also: Security Culture Report for ASIA 2024
At Essen Health Care, which provides medical services to underserved patients in New York City, Dave exemplifies this dual role through modernizing the organization's legacy infrastructure into a scalable, secure IT environment with centralized management, as well as establishing a robust cybersecurity strategy. This includes deploying an XDR system and implementing policies, procedures and controls based on SOC 2, HIPAA and HITRUST standards.
"The dual responsibility enables me to address business needs comprehensively by assessing solutions for feasibility, operational alignment and security," Dave said. "While it's a significant responsibility, it provides reassurance that both our technological and security requirements are thoroughly managed."
In this video interview with Information Security Media Group, Dave also discussed:
- Ensuring the privacy and security of patient data through third-party vendors;
- The ripple effect of the Change Healthcare breach and lessons learned;
- How Essen Health Care is preparing to implement the NIST Cybersecurity Framework 2.0.
Dave has been instrumental in executing Essen Health Care's vision, mission and growth strategy. He oversees all aspects of IT operations, including organization management, IT budgeting and the procurement, deployment, monitoring and maintenance of enterprise technology.