Cyber Ambassador Program Seeks to Extend the “Fabric” of Security, Says ChristianaCare CISO Anahi Santiago

In the face of growing cyber threats, ChristianaCare CISO Anahi Santiago is taking a bold approach to cybersecurity awareness and resilience. At the heart of her efforts lies the Cybersecurity Ambassador Program—a forward-thinking initiative designed to transform the health system’s workforce into a first line of defense against cyberattacks. This program not only enhances individual skills but also establishes a culture of security that spans all roles and departments.

Scroll down to watch or listen to the full interview; or subscribe to healthsystemCIO on your favorite podcasting channel

A Visionary Approach to Workforce Training

The genesis of the Cybersecurity Ambassador Program was a Department of Labor grant that aimed to provide advanced training in areas like data analytics, cloud computing, software development, and cybersecurity. Santiago, in partnership with ChristianaCare’s iLEAD department, saw an opportunity to extend the reach of information security beyond the confines of IT. The result was a comprehensive 12-week program designed to prepare caregivers across the organization to earn two industry-standard certifications: Network+ and Security+.

“The course is designed to enable anyone who finishes it to sit for these certifications,” Santiago explained. These certifications not only validate participants’ technical expertise but also offer a gateway to deeper involvement in cybersecurity. The curriculum combines intensive coursework with practical, on-the-job training, allowing participants to apply what they’ve learned in real-world scenarios.

When the program launched, Santiago anticipated modest interest—perhaps 12 to 15 participants. Instead, the response was overwhelming. “About 150 people signed up, which was really exciting,” she said. While the rigorous demands led some to drop out, 96 participants are now on the verge of completing the program.

A Diverse Cohort with a Shared Mission

One of the most striking aspects of the Cybersecurity Ambassador Program is the diversity of its participants. Approximately 44 percent of the current cohort comes from IT backgrounds, though not necessarily from cybersecurity roles. The remaining 56 percent hail from non-IT disciplines, including clinical care, billing, and data analytics.

For the IT professionals involved, the program offers a pathway to transition into specialized cybersecurity roles. But Santiago is equally focused on the contributions of non-IT participants. “These individuals are now positioned to extend the fabric of our information security team into non-information security departments.”

Non-IT ambassadors are being encouraged to bring cybersecurity awareness into their daily workflows and to serve as champions within their teams. For example, a nurse who completes the program might collaborate with Santiago’s team to create cybersecurity training tailored to bedside care, addressing specific vulnerabilities like medical device security and patient data handling. This approach ensures that cybersecurity principles are integrated into the day-to-day practices of all departments, making the organization more resilient.

Bridging Gaps and Building Resilience

While the program’s immediate goal is to improve individual competency, its broader mission is to strengthen ChristianaCare’s organizational resilience. Santiago acknowledges that traditional IT downtime plans often fall short in addressing the complexities of modern cyberattacks, which can render systems inoperable for weeks. “Most people in the organization don’t understand the complexities of cybersecurity or the extended time it takes to recover from a massive cyberattack,” she noted. This gap in understanding can leave organizations vulnerable during critical incidents.

The Cybersecurity Ambassador Program directly addresses this challenge by fostering cross-departmental collaboration.