Preview Mode Links will not work in preview mode

The CyberPHIx: Meditology Services Podcast


Sep 5, 2018

The FBI reported last year that the average dwell time for hackers in the healthcare environment is 270 days before they are detected.  Identifying and dealing with potential security gaps is especially important during security due diligence of new entities.

Learn ways that security time gap can be closed in our recent CyberPHIx podcast episode with Peter Merrill, Director of Information Security at Dartmouth/Hitchcock Health Care System and Meditology’s Brian Selfridge.

Our discussion with Peter touches on the following topics regarding security due diligence of merged and affiliated entities:

  • Maintaining good security measures is a good business practice whether or not your organization is acquiring or integrating a new entity.
  • Learn which security projects to prioritize when affiliating and integrating a new entity.
  • Create a security program that balances the organization’s culture and preference for techniques used in ethical hacking and other security due diligence methods.
  • How to deal with different security approaches within affiliated entities.

Show Notes

  • 0:29 Introduction
  • 1:56 Statistics on how long a hacking attack goes undetected within a healthcare environment
  • 3:11 Tactics to view what is happening within the network
  • 3:55 GDPR and how to add to the mix
  • 5:09 How to communicate risk to business owners
  • 8:27 What are the first things that need to be completed during a Merger or Acquisition
  • 11:55 Which systems and process win out in a Merger or Acquisition
  • 13:30 Reconciling cultural difference15:40 Key Learnings
  • 16:07 Introduction to next episode