Governance & Risk Management , Incident & Breach Response , Managed Detection & Response (MDR)
Beyond Data Protection in Healthcare
Microsoft's Leslie Sistla on Evolving Threats to Health DataAs threats evolve, healthcare organizations are embracing new solutions to protect health data. But data protection is not enough, says Microsoft's Leslie Sistla. Detection and response strategies are required.
See Also: Are Security Tools Slowing Your Response?
"We do a lot of work to understand anomalies that are happening on our infrastructure," says Sistla, Microsoft's director, technology strategy, worldwide health industry. "And then after we detect [an anomaly], we respond to that as well, so we're working on improving our response capabilities - like a fire drill."
Microsoft internally practices these data protection principles, Sistla says, and then rolls them out to clients, including those in the healthcare sector. She addressed this and other topics in a presentation titled "Data Protection Strategies for Healthcare" at Information Security Media Group's recent Healthcare Information Security Summit in Boston.
In a video interview recorded at that ISMG event, Sistla discusses:
- The healthcare data threat landscape;
- Why data protection is not enough;
- What to do when you know you're a target.
Sistla brings more than 20 years of industry experience to her role as Microsoft's director, technology strategy, worldwide health industry. She helps healthcare customers and partners worldwide address privacy, security (including cybersecurity) and regulatory compliance requirements on the Microsoft platform. And she represents Microsoft at interoperability standards development organizations, including HL7 and IHE. Sistla is responsible for guiding the evolution of a growing ecosystem of enterprise solutions spanning a wide range of integrated health management systems, cloud, mobile, IoT and service lifecycle management/delivery in collaboration with customers, partners, industry organizations and Microsoft product groups. Before joining Microsoft in 2000, she held various technology roles at Oracle Corp and McKesson (HBOC).