By Reign Nelson

Jeanie Larson is the chief information security officer (CISO) at UC Davis Health. She majored in computer science and math at the University of Idaho and has been “doing cybersecurity stuff” since around 1985. She was one of the first people to go through the Department of Energy’s cybersecurity training at Los Alamos National Lab and worked on some of the earliest intrusion detection systems, back when everything had to be coded and parsed manually. She got involved in healthcare in 2011, and in 2014 was invited to serve on the board of directors for the National Healthcare Information Sharing and Analysis Center (NH-ISAC). Her work there is helping to drive change in national policies for securing medical devices, a task she is truly passionate about.
As CISO, “Every day is different. That’s what I love about this,” she said. Larson’s responsibilities include fighting daily cyber attacks and improving and maturing their incident response program. Balancing risk with cost is a challenge, she said. For example, institutions need to ask themselves how much they are willing to spend on a cyber risk program, because no one can be one hundred percent secure.
Best advice for cyber protection
Larson believes the most important steps to take against cybercrime are keeping devices and applications up to date, using complex passwords, and using multi-factor authentication when available. She also mentioned using a different password for each account and using a password manager, such as LastPass.
Changes in the field
The Internet of Things and other evolutions in technology have spurred big changes in information security. There has also been a paradigm shift in incident response. She explained that she used to be concerned with perimeter security. Now every device that connects to the network is the perimeter. When her team responds to an incident, they assume the “bad guys” are already in the network, within the perimeter. Incident response is now about rapid recovery, damage assessment, and preventing similar incidents in the future.
Larson said the future of information security lies in automation, managed services, and information sharing. She said in the past people were worried about what happened to their information, but now we are seeing kinetic events – cyber events that can cause dramatic real-world crises, such as power grid failures or airplane crashes. She believes people do not yet recognize these as cyber issues. Larson predicts there will be a major kinetic event caused by a cyber event in the next 2-5 years, one newsworthy enough and noteworthy enough to get people’s attention and change the world.
One thing that keeps Larson up at night is patient safety and the threat of malware-infected medical devices. After all, she said, “anything that has a chip in it is hackable.”