Skip to main content

Counteracting Healthcare Industry Cybersecurity Threats: Security Awareness for Everyone (SAFE)


Here at HealthEdge, our cybersecurity strategy relies on a defense-in-depth approach, which means we rely on people, processes, and technology to ensure our security controls remain viable and constantly evolve. Of these three, the HealthEdge team, is the most formidable layer of cybersecurity. We count on our global workforce to stay informed, identify and report suspicious messages, and to understand and comply with our IT Security Policies. Our Chief Information Security Officer, Jerry Sto. Tomas says, “I am often asked how big our security team is. I respond with, ‘around 2,000 people.’ Each of us has a responsibility in security because the HealthEdge team is the first line of defense.”

The SAFE program aims to empower our team with:

  • Regular newsletters providing education on industry threats and vulnerabilities.
  • Cybersecurity alerts on real-time threats and how the workforce can help.
  • Comprehensive IT security policies.
  • Mechanisms to report suspicious messages.
  • Monthly internal phishing simulation tests and just-in-time training.
  • Annual training, role-based training, and continuous micro-training.
  • Cybersecurity best practice tips to implement in the workplace and at home.

Preparing the Team

With regular information newsletters and real-time security alerts, our team is always kept up-to-date on cybersecurity, regardless of their role at HealthEdge. Newsletters are sent out bi-weekly with cybersecurity news, tips, trends and communications about new security practices. Newsletter content is tailored to our organization with the objective of improving overall cybersecurity awareness both at work and home.

Identifying and Reporting

The goal of SAFE is to ensure everyone is able to identify and quickly report suspicious messages or activities. The Security Operations team analyzes every message that is reported as suspicious and sends the results back to the reporter. Sending the analysis results back to the reporter provides the reporter with confirmation of their ability to identify malicious messages or spam. On a monthly basis, phishing tests are sent out that simulate current phishing campaigns used by threat actors. Campaign attack techniques include domain and popular brand spoofs, QR codes, and suspicious links with requests for information, oftentimes with topics based on global security trends, cultural events or “the events of the day”. In addition to maintaining a low fail rate, the objective is to increase identification and reporting of suspicious messages. Those who fail are provided subsequent training to increase future awareness.

Administrative and Technical Controls

In addition to IT security policies, HealthEdge implements technical controls that monitor and enforce password policies and multifactor authentication. Network access is controlled, and principles of least privilege are enforced. This means that even trusted users with authorized network access are limited to only the access required to do their job. When access is granted, logs are collected from across the environment, which gives us the ability to monitor changes that could impact preservation of confidentiality, integrity, or availability. Our team’s cybersecurity habits, and best practices strengthen our administrative and technical controls; each component is critical for cybersecurity maturity.

A Holistic Approach

Our team prides itself on keeping up with the latest cybersecurity news and updates. We follow industry best practices, monitor third-party intelligence, implement technical and administrative controls, and most importantly we keep the cybersecurity discussion going. Our holistic approach allows our team to be prepared to protect the HealthEdge workforce network as the first line of defense, and also empowers them to practice good cyber hygiene at home. Security awareness for everyone, every day, everywhere.