Speed Data: When Lives Depend on Strong Security With John Mason

Tempo Technology Services' John Mason shares why strong cybersecurity in healthcare is so critical and how organizations can combat malicious actors.
Megan Garza
2 min read
Last updated March 25, 2024
Megan Garza and John Mason

Welcome to Speed Data: Quick Conversations With Cybersecurity Leaders. Like speed dating, our goal is to capture the hearts of CISOs with intriguing, unique insight in a rapid format for security professionals pressed for time.

John Mason is passionate about his role in securing private data because he knows the consequences of that data getting into the wrong hands can be a matter of life or death. The President of Tempo Technology Services shared examples of why strong cybersecurity in healthcare is so critical and how organizations can combat malicious actors.

While asserting a formidable security posture is important to any industry, maintaining strong cybersecurity in healthcare might be the most crucial area because lives depend on it, said John Mason, President of Tempo Technology Services.

“It is more than just a job,” he said.

We’re not dealing in technology and data around producing a widget; we’re actually dealing with patients’ lives. We have to get it right. We don’t have a choice not to.

Private healthcare data is some of the most important personally identifiable information there is. “We have control of people's most sensitive personal information,” John said. “For example, when any one of us goes to the doctor, there are things that our physician knows, our clinicians know, that most people maybe don’t know about us.

“When you expand that into the hospital world, people are at their worst moment. They're usually ill, they're wondering about their livelihood, whether they're going to live, whether they're going to be able to work, and we have control of some very important information that we just can't let people have.”

Getting paid for PII

Because this data is so sensitive, it is also incredibly lucrative to malicious actors.

“The data that we have is some of the most valuable data that people want to get hold of in the market,” John said. “An average patient's record is worth about $500 to $550 per record.”

“What they do is they take that data, they turn around, and they file false claims against the government to get paid for services that didn't happen. That's a multi-billion-dollar industry right now in healthcare; the number of false claims filed every year is in the multiple billions of dollars.”

A life or death battle

Protecting this data is getting harder every day, John said. “The sophistication of people coming after you is getting so much better. Thirty years ago, you worried about a small virus on your computer. Nowadays, it is so much more complex and sophisticated than that.”

In healthcare specifically, John said, “Bad actors can now get in your system and start having control of all those peripheral devices. An example of that might be an IV pump — you have an IV pump and all they have to do is push a button and they can inject you with something instantaneously versus a slow drip. They can kill people.”

Ransomware is another way attackers can impact day-to-day care. “They can harm a patient because a physician can’t get to the system to know what medications they are taking,” John said. “In many cases, ransomware isn’t about taking your data. It’s really about extracting a payment from you to give you your system back.”

But the key to protecting your organization and data is first locating your data, John said.

You have to have oversight as to where data resides. You have to know where the data is — and where the important data is — because all data is not equal.

“If we can see the data before it starts moving, we’re in a better place to try and shut it down and make sure we don’t lose it.”

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

strengthening-resilience:-data-security-vs-data-resilience-tools
Strengthening Resilience: Data Security vs Data Resilience Tools
Learn the difference between backup tools and true DSPs and what to look for when you’re choosing a DSP.
speed-data:-developing-‘security-as-a-service’-with-alexis-bonnell
Speed Data: Developing ‘Security as a Service’ With Alexis Bonnell
Alexis Bonnell, CIO for the U.S. Air Force Research Laboratory, shares her thoughts on the relationship between knowledge and AI.
speed-data:-ciso-leadership-tips-with-pat-benoit
Speed Data: CISO Leadership Tips With Pat Benoit
Pat shared the four leadership rules he follows, what it takes to succeed in cybersecurity, and why he just might be “The Most Interesting Man in the World.”
speed-data:-the-impact-of-ai-on-attack-vectors-with-justin-michael
Speed Data: The Impact of AI on Attack Vectors With Justin Michael
Corbin Capital Partners CTO Justin Michael discusses the hot topic of ChatGPT. Justin leads guarding sensitive data for the leading asset management firm.