This is the presentation that I created while applying for the CISO position at Babylon Health (note that I ended up taking up the CISO role at Revolut)
3. @DinisCruz
security
This presentation was created by
Dinis Cruz , who is an candidate to the
Babylon Health CISO position*!
DISCLAIMER!
* Dinis is currently NOT an Babylon Health employee/contractor
** Dinis does NOT have Internal knowledge of existing Babylon Health security team structure,
objectives or activities
?
WHY?
This is a good medium to present Dinis’
thinking, approach and values**
5. @DinisCruz
security
must enable and empower these amazing
professionals to fulfill their potential
… while enhancing the patient’s data:
Confidentiality
Integrity
Availability
13. @DinisCruz
security
@DinisCruz
GDPR - Personal Data Journey (Privacy Impact Assessments)
https://2018.open-security-summit.org/tracks/gdpr/working-sessions/creating-standard-for-gdpr-patterns/
14. @DinisCruz
security
@DinisCruz
Desired Threat Level capability
Detect and Contain
Must be able to:
Neutralise
Break economic model
https://www.canso.org/sites/default/files/CANSO%20Cyber%20Security%20and%20Risk%20Assessment%20Guide.pdf
18. @DinisCruz@DinisCruz
security
By combining the ever-growing
power of AI with the best
Security expertise of humans,
Babylon Health Security Team
can deliver a safe ecosystem for
customer’s health Data,
including personalised Security
assessments, treatment advice
and appointments with a
Security Professional 24/7.
AI
+
Security
Professionals
30. @DinisCruz@DinisCruz
security
Babylon Security objectives and
mission are completely aligned with
NHS and NHSx
Tight collaboration with NHSx Cyber
Security team is a win-win scenario for
both parties and the wider health care
industry
Learn, integrate
and improve
NHSx
Cyber Security
https://coinzodiac.com/cryptocurrency-arms-race/reinvent-wheel/
Do NOT reinvent the wheel
34. @DinisCruz@DinisCruz
security
1. Babylon Security provides a comprehensive
service, available to all*
2. Access to Babylon Security services is based
on need, not an individual’s business unit
3. Babylon Security aspires to the highest
standards of excellence and professionalism
4. The patient will be at the heart of everything
Babylon Security does
5. Babylon Security works across organisational
boundaries
6. Babylon Security is committed to providing
best value for money
7. Babylon Security is accountable to the
patients, management and shareholders
*All = Babylon Health Company and selected partners
Principles
inspired by:
35. @DinisCruz
security
@DinisCruz
Following best practices and ideas
1. Ensuring every Babylon Health customer and
employee data is protected
2. Establishing shared architecture and
standards
3. Implementing services to meet needs
4. Supporting stakeholders to get the best out of
technology, data and information
5. Making better use of cyber health and care
information
https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/443353/HSCIC-Strategy-2015-2020-FINAL-310315.pdf
81. @DinisCruz
Created OWASP Summit* event.
Motivated 100+ Security professionals to collaborate together, and
release knowledge/code under Open Source (or Creative Commons)
* now called Open Security Summit