'; if(pArray.length >= 4) { i=2; } else if(pArray.length >= 3) { i=2; inline = ''; } else if(pArray.length >= 2) { i=1; inline = ''; } else if(pArray.length === 1) { i=0; inline = ''; } $('#librarydrawer_story_container script').each(function() { $(this).remove(); }); $(pArray[pArray.length - 1]).after(subscribeBox); $(pArray[i]).after(inline).after($('#librarydrawer_story_container')); $('#text-story').focus(function() { if ($(this).val() == 'EMAIL ADDRESS') { $(this).css({color: '#000000', backgroundColor: '#ffffff'}); $(this).val(''); } }); $('#text-story').blur(function() { var trim = $(this).val().replace(/[\s]/g, ''); if(trim === '') { $(this).val('EMAIL ADDRESS'); $(this).css({color: '#666666', backgroundColor: '#f8f8f8', border: '#666666 1px solid'}); } }); $('.content-subscribe .btn-submit').click(function() { var val = $('.content-subscribe .text').val(); if(val.search(/[a-z0-9!#$%&'*+\/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+\/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/gi) === -1) { $('.content-subscribe .text').css('border', '#ff6600 1px solid'); $('.content-subscribe .text').focus(); return false; } return true; }); }); //-->

What payers can learn from Aetna's CISO

Agari brief examines how to build CISO role, better protect consumer information

As the role of chief information security officer (CISO) continues to expand throughout the healthcare industry, insurers can take a page from Aetna's book in how to successfully implement and build this position.

Chief Security Officer Jim Routh (pictured right) joined Aetna amid a time of frequent email spam and cyberattacks, according to an executive brief from Agari. Cyberattackers sent some 65 to 70 million emails each year, using Aetna's name to scam consumers into providing their personal information.

Understanding the need to protect consumer information, especially given that medical data is worth much more on the black market than a Social Security number, Routh began to inform Aetna board members about the importance of enterprise cybersecurity.

Routh then set out to discuss strategies with individual teams. For instance, when speaking with the marketing team, the conversation focused on click-through rates and the return of investment from email marketing. And because conversations varied among the different teams, Routh was the glue that held the different pieces together, the brief points out.

Given the rather high turnover rate of CISOs, whoever assumes the position needs to become truly integrated with other C-suite employees. A CISO can achieve this by understanding business priorities, especially brand protection; communicating with all teams within the company in order to learn from and inform them of strategic steps; and taking initiative when it comes to building new areas of business.

While various CISOs continue to collaborate with executives on technology decisions, they can do better at working with other healthcare organizations, FierceHealthPayer previously reported.

For more:
- here's the brief

Related Articles:
8 best practices for payer data security
HCSC security chief touts collaboration
HHS CISO: Healthcare orgs need to beef up basic security practices