PRO+ Premium Content/Information Security

When Omar F. Khawaja compiled his priority list for 2018, he didn't include which security technologies he wanted or how many IT staff he hoped to hire. Instead, the CISO at Highmark Health -- a healthcare management and insurance provider whose portfolio includes Allegheny Health Network, United Concordia Dental and Visionworks, among others -- articulated an overarching strategy on how the cybersecurity plan should fit within the national organization's business strategy. "While I do realize that I will need technology to enable many of the things I'm trying to do [this] year and going into 2019, my goal isn't to deploy technology, but to realize certain outcomes," said Khawaja, who works out of Highmark's Pittsburgh headquarters. Khawaja broke his cybersecurity plan down into five key areas of focus. First, he wants to look at how his team makes decisions. "There are always more opportunities to make more impact and add more controls than there are the resources and time to do so," he said. "So how do we create a ...