Addressing Telehealth, Telework Security Amid COVID-19Martin Littmann, Kelsey-Seybold Clinic CISO and Stephen Moore of Exabeam Discuss Steps to Take
With many more employees working remotely and a heavier demand for telehealth services during the COVID-19 crisis, entities need to consider extra, accelerated steps in keeping data and systems secure, says Martin Littmann, CISO of the Kelsey-Seybold Clinic, and Stephen Moore, a former security leader at health insurer Anthem.
"We already had an active telehealth practice in place, but weren't doing as many [telehealth] visits as we do today," Littmann says in an interview with Information Security Media Group.
"We've largely moved our organization from seeing patients in clinics to seeing patients in telehealth environments, and we do that from secure connections that were already established," Littmann adds.
However, to meet that growing demand for telehealth services, the clinic needed to expand the licensing capability of its telehealth platform as well as roll out multi-factor authentication to more workers.
"We [already] did have workers working remotely doing two-factor authentication - and those workers were familiar with the process," he says. But the sudden surge in demand for remote work by clinic staff meant Littmann's team expanding multi-factor authentication - and related training - to more workers quickly.
"We had to step up collaboration around an accelerated means for them to make those [remote-work] requests, and be enabled," he says.
Threat Detection, Incident Response
Meanwhile, as healthcare entities support higher volumes of remote-workers and telehealth services during COVID-19 response, they also need to prevent these individuals from falling victim to cyberthreats, including bad actors trying to take advantage of the crisis, says Moore, in the same interview.
"The threats are largely the same [as previously] ... but I'm more concerned about the operation of protecting the expanded workforce and making sure you connect all the pieces necessary in defense, when everything is virtual," says Moore, who is currently chief security strategist at security services firm Exabeam.
"In a situation where everyone is remote, this creates problems with response," he says. "It can also create blind spots for detection."
So, entities need to take extra steps, including detecting behavior that's unusual under the new remote circumstances, and avoiding situations where potential incidents are missed or response is delayed, he notes.
"You can't just tap someone on the shoulder to respond; you have to do this all virtually," he says.
In the interview (see audio link below photos), Littman and Moore also discuss:
- Detecting security incidents and responding quickly to potential breaches when most employees - including security staff - are working remotely;
- SOC considerations when most security staff are distributed or working remotely;
- Other top challenges facing security teams during the COVID-19 crisis.
Littmann is CTO and CISO of Kelsey-Seybold Clinic, a large multi-specialty clinic system located in Houston, Texas. The clinic system is a major provider of healthcare for NASA employees and a center for healthcare research. In his roles, Littmann is responsible for IT architecture and strategy, infrastructure, network and information security. He has over 30 years of global business experience spanning healthcare, energy, manufacturing and consulting.
Moore is vice president and chief security strategist of security services firm Exabeam. He has more than 15 years of experience in information security, intrusion analysis, threat intelligence, security architecture and web infrastructure design. Prior to joining Exabeam, Moore spent more than seven years at Anthem, in a variety of cybersecurity practitioner and leadership roles. He was also the architect of the 6,000 square-foot Anthem Cyber Security Operations Center in Indianapolis.