Q&A with Harris Health Chief Cyber & Info Security Officer Jeffrey Vinson: “The only safe day was yesterday.”

It’s not always easy blazing a trail or, as Jeffrey Vinson termed it, ‘being on the tip of the spear,’ especially in a sector as heavily targeted as cybersecurity. But when the opportunity arose to apply for a grant to help identify ways to share threat information and protect the infrastructure, Harris Health System answered the call, and immediately got to work figuring out how to improve collaboration across the industry. “We need to share information across the industry,” he said during an interview with Kate Gamble, managing editor at healthsystemCIO. “Knowing is half the battle.”

It’s a battle Vinson knows well, having gained experienced in the military and with the National Security Agency before coming to Harris in 2013. And the key to winning it, he has learned, is ensuring that CISOs and other information security leaders are involved in critical discussions. “We want to be at the table to make sure technology is being utilized in a way that we can protect not only the data, but those who benefit from the technology,” he stated. “We have to understand the mission and how we enable the business and protect it at the same time.”

Since his arrival at Harris, Vinson has worked to elevate the role of information security teams and create an environment in which cybersecurity is “part of the fabric.” In this interview, he talks about how he has worked to change the culture, what he considers to be the biggest hurdles to safeguarding data — and most importantly, patients, and why he believes it’s so important for cybersecurity professionals to come out of the shadows.

LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE. 



Key Takeaways



* On building a culture of cybersecurity: “Cyber is ingrained in the fabric of the organization… We’ve been preaching and advocating from the beginning to be involved.”

* On working with HHS: “From a public health standpoint, we need to share this information across the industry; knowing is half the battle. We want to get that message out.”

* On maintaining a balance: “We certainly don’t want to be the ones that stunt the growth of new technology, but we want to be at the table to make sure it’s being utilized in a method where we can protect not only the data, but also those who will benefit from the technology.

* On advising the business: It is paramount at Harris Health that cybersecurity plays a significant role in the mission and strategic vision and works closely with the CEO… we’re not an afterthought. We’re out there messaging and sitting next to the CEO and our compliance and IT partners to make sure we’re mitigating that risk.”

* On CISOs speaking at events: “We’ve historically been in the background, protecting things behind the scenes. But as we look more at risk and at the evolving cyber program, it’s important that we sit at that table and help create messaging around the importance of cybersecurity.”





Q&A with Jeffrey Vinson, Chief Cyber & Information Officer, Harris Health

Gamble:  Hi Jeffrey, thanks so much for your time; we really appreciate it. I’m looking forward to getting your perspectives.

Vinson:  Thanks for having me. I look forward to the conversation.

 

Gamble:  Let’s start by getting some information about the organization. Can you provide a high-level overview of Harris Health — what you have in terms of hospitals, where you’re located, etc.?

Vinson:  Sure. Harris Health System provides care to the underserved here in Harris County,