Cyber Savvy: Expert Insights on Protecting Patient Data from Delta Dental’s CISO

Welcome to the second edition of Cyber Savvy, a blog series delving into the insights of esteemed cybersecurity professionals. By posing a series of questions to these security leaders, we aim to uncover fresh perspectives on the ever-changing threat landscape and gain firsthand insights into the distinctive hurdles and successes they've encountered throughout their careers.

In our first installment, we chatted with Michael Marassa, Chief Technical Officer (CTO) of New Trier Township High School District 203, to learn about his experience.

For this article, we spoke with Alex Green, Chief Information Security Officer (CISO) of Delta Dental Plans Association. Alex is a seasoned security professional with extensive experience building innovative cybersecurity solutions and collaborating with federal entities and startups. As a CISO, he leads the development of a holistic security strategy, unifying disparate security teams behind a singular business vision.

Here’s what he had to share about his experience securing 80+ million customers from today’s cyber threats.

What are your biggest security concerns/challenges as a CISO?

A: Data governance and identity management. Both are huge topics that are tangentially related, but much like I need to understand and manage the flow of data in the company, I also need to understand and manage the actions of every user within our scope. I would not consider either problem solved, and I think culture ends up being a good portion of that equation.

What new challenges do you anticipate in the coming year?

A: AI is the topic on everyone's minds, but I believe the security challenge pertains back to data governance. What data is utilized for AI-driven processes, and how can you trust the use of said data? How the industry matures around this topic is really unclear, but it will be a challenge for sure. Secondly, given geopolitical tensions and recent executive orders, I feel that offshore data and resources are going to present more problems for security leaders in supporting business goals.

How is your team adapting to the evolving threat landscape? (advances in AI, increasingly sophisticated attackers, etc.)

A: Continuous learning. I am a huge believer in evaluating emerging technology and security startups because of the exposure to innovative approaches to new problems; something that I am not going to get from media or traditional education.

What do you consider your most important success metric?

A: ROI. More of an emerging metric as "we" quantify risk and risk reduction, but if I can speak to dollars of risk reduced by the investment in the security program and how that has improved over time, that is a win.

What are your three biggest goals for the coming year?

A: Develop a security strategy for data leaks, rebuild an application security program, and deploy zero-trust access across the brand.

What new trends in cybersecurity excite you right now?

A: AI, for sure. It will be difficult, but it is the definition of exciting.

Are there any security leaders besides yourself that you look to for guidance?

A: Carraig Stanwyck and Allie K. Miller

What advice do you have for other CISOs or aspiring CISOs?

A: Understand and befriend the business. If you don't understand how your business makes money and how the business operates, then you will remain a security silo rather than a trusted partner.

Want to learn more from Alex? You can connect with him here, or learn more about his work for Delta Dental Plans Association on their website.

In the next installment of Cyber Savvy, we will chat with another security expert about their insights on the ever-changing threat landscape. Whether you hold the title of seasoned CISO, aspire to become a security analyst, or simply seek insights from industry peers, you won’t want to miss this.

Want to be featured yourself? Contact us here and we’ll be in touch!