ITCSPTA-Library-2024
Animated publication
IT Cybersecurity & Privacy
resource library
2024
2024 IT Cybersecurity and Privacy Roadmap
Quarterly Campaign Materials
Cybersecurity Watch Articles
From the Desks of...
Pause & Reflect “Bad actors are becoming more sophisticated and clever with their approach to using emerging technologies to launch cyberattacks. The evolving cyber threat landscape is making it more difficult for organizations to defend themselves against convincing phishing emails and malicious code generated by AI”. - Manu Singh, VP of Risk Engineering at Cowbell
Resource Library
Health care is being hit by cyber attackers at greater levels than ever before. National agencies, such as the FBI, are sending warnings across our industry alerting us to these situations. Remember, YOU are the first line of defense and our best weapon is education and awareness. We want to provide you with valuable resources in one location to help raise awareness on popular cybersecurity and privacy topics. This library is created for you to learn and share the knowledge both at work and at home. Let’s work together to protect Banner and ourselves.
Dave Schauble, VP Chief Information Security Officer
Privacy and cybersecurity topics go hand in hand, which is why we’ve partnered with the IT Cybersecurity team to create this library for you. The more awareness we create around these important topics, the more prepared you’ll be at work and at home. Protecting Sofia is important, not only because of regulatory standards, but also to protect the trust in the Banner brand. We need to work together to protect Sofia’s information, and one way to do this is to provide resources for you to be more aware.
Corey Shanks, Director, Privacy
2 Resource Library | 2024
Resource Library | 2024 3
2024 Cybersecurity & Privacy Roadmap
2024 Cybersecurity & Privacy Detailed Plan
Campaigns have been identified through the training needs assessment, analysis and stakeholder interview feedback. The roadmap includes training and awareness materials for each area below to be shared through various methods of communication and engagement strategies.
JAN FEB MAR APR MAY JUN JUL AUG SEPT OCT NOV DEC Hacking the Human Caution Risks Ahead Protecting Access The Risks Inside 1 3 5 7 9 11 2 4 6 8 10 12
JAN - MAR
APR - JUN
JUL - SEP
OCT - DEC
Hacking the Human Caution Risks Ahead Protecting Access
Supporting topics: Third-party risks Insider risks October Cybersecurity Awareness Month (CSAM) The Risks Inside
Supporting topics: Phishing
Supporting topics: Artificial Intelligence Freeware Personal VPNs
Supporting topics: Secure File Sharing Access management
IT Cybersecurity & Privacy Ambassadors Meetings Simulated Phishing Campaigns CIO Connect Magazine Article Banner Buzz Article Cybersecurity Awareness Month
CIO Connect Blog Articles 1. Phishing and Ransomware 2. Social Engineering 3. Smishing 4. AI Chatbot Threats 5. Virtual Private Networks 6. Deepfakes 7. Data Protection 8. Password Security 9. Protecting Access 10. CSAM Highlight 11. Security with Third-Parties 12. Intentional VS Accidental Insider Risk
4 Resource Library | 2024
Resource Library | 2024 5
Social engineering is a way for cyber criminals to trick you into providing sensitive information or clicking on a malicious link. It’s up to us to work together to keep Sofia, Banner’s and your information safe. It only takes one click. Learn more about how to keep your information safe at home and at work. Supporting Topics Phishing
Q1 -2024 Hacking the Human
6 Resource Library | 2024
Resource Library | 2024 7
Click here to download
Q1 Presentation
Security of customers’ information is your responsibility. We want to provide you with infor mation and resources to help be cyber secure like this video on Phishing (1:03). Learn more about what phishing is with this short video part of the "60 Seconds to Better Security" series from Proofpoint. Click the image below to watch the video. What is Phishing? Video
https://youtu.be/7T9GVA0gP1I?si=e9OENDeOmwfZOif4
*Examples from the presentation
8 Resource Library | 2024
Resource Library | 2024 9
© Copyright 2023 Banner Health
Emerging technologies and free software can be cool, but there's also risks associated with them that could affect your personal or professional devices. Learn more about the risks and what you need to do to remain secure at home and here at Banner. Supporting Topics Artificial Intelligence Freeware Personal VPNs
Q2 -2024 Caution Risks Ahead
10 Resource Library | 2024
Resource Library | 2024 11
Click here to download
Q2 Presentation
Security of customers’ information is your responsibility. We want to provide you with infor mation and resources to help be cyber secure like this video on AI Chatbot Threats (1:16). Learn more about the threats with using AI Chatbots with this short video part of the "60 Seconds to Better Security" series from Proofpoint. Click the image below to watch the video. AI Chatbot Threats Video
https://youtu.be/xXWAr7I2mOM
*Examples from the presentation
12 Resource Library | 2024
Resource Library | 2024 13
© ©C oCpoypr iygr hi gt h2t022032B3 aBnannenr eHr eHael tahl t h
The easiest way into a system is to go through the user. The bad guys have figured this out and use it to their advantage. The best protection is awareness. Learn more about some tactics used and how you can protect yourself and Sofia from them. Supporting Topics Secure file sharing Access management
Q3 -2024 Protecting Access
14 Resource Library | 2024
Resource Library | 2024 15
Click here to download
Access Reviews
Q3 Presentation
We’re all responsible for securing and protecting Sofia’s, Banner’s and your data. Access reviews help ensure that normal and priviliged access rights to Banner’s applications (Cerner, MS4, Lawson, DocuWare, etc.) are authorized and appropriate for a user’s current role and job function. Performing timely access reviews is one way that we can all work together to keep Banner secure. Your role as leader Banner is making an important change to the access
Your role as a team member There are things you can do as a team member to help and be successful. • Inform your team leader if you no longer need access to an application or system • Speak with your leader if you have questions or concerns regarding your access
review process for leaders. Access reviews that aren’t completed by the deadline of the campaign cycle will result in their team members access being automatically revoked from applications included in reviews. Access reviews are bi-annual for all access and quarterly for privileged access. • Complete access reviews in a timely manner • Ensure your team members only have access to the applications or systems they need for their role • Be aware that all access that is not reviewed during the access review time frame will be removed for team members and third parties
Plan ahead before the Q3 Access Review period Application reviews include Cerner, MS4, Lawson, DocuWare, etc. Reviews must be completed before Wednesday, Oct. 16, 2024 to ensure your team members don’t lose access If you have any questions or concerns, please email IAMAccessReviews@bannerhealth.com.
*Examples from the presentation
16 Resource Library | 2024
Resource Library | 2024 17
© Copyright 2023 Banner Health
There are various risks an organization faces every day, including insiders. Intentional or unintentional, team members can pose a risk to Sofia and the organization whether it's through carelessness or intentionally sharing confidential information including personal health information (PHI) or financial information. Supporting Topics Third-party risks Insider risks
Q4 -2024 The Risks Inside
18 Resource Library | 2024
Resource Library | 2024 19
Click here to download
Q4 Presentation
Security of customers’ information is your responsibility. We want to provide you with infor mation and resources to help be cyber secure like this video on The Risk Inside (3:40). There are many different types of insiders that can pose an intentional or even unintentional risk to the organization. Learn more about these insider risks and how to report any suspicious activity. Click the image below to watch the video. The Risk Inside Video
https://youtu.be/nNOnRgpTp40?si=UH_1ogIOXpPqYHp2
*Examples from the presentation
20 Resource Library | 2024
Resource Library | 2024 21
© Copyright 2023 Banner Health
Banner Health Information Technology We are dedicated to the Mission of Banner Health to make health care easier, so life can be better. We are focused on hiring and retaining the best IT talent, driving innovation, providing legendary service and delivering successful outcomes.
22 Resource Library | 2024
Made with FlippingBook Ebook Creator