Rathod Takes the Helm as CISO
On Monday, Johns Hopkins Health System and University announced the appointment of Kiran Rathod as their new Chief Information Security Officer (CISO). Rathod succeeds Darren Lacey, who previously held the role of cybersecurity chief and has now transitioned to the position of Chief Engineer for Cybersecurity at the Johns Hopkins Applied Physics Laboratory.
A Proven Leader in Cybersecurity
Rathod brings a wealth of experience to her new role, having led global cybersecurity teams at Citigroup. Her focus was on building defensive controls against cyber threats in the banking and financial services sector. Before Citigroup, she served as Senior Director of Cyber Operations and Intelligence at Capital One and spent 16 years working with the FBI.
Rich Mendola, Vice President and Chief Information Officer at Johns Hopkins, expressed confidence in Rathod’s expertise, stating, “She brings experience and perspectives that are incredibly well-suited to the incessant cybersecurity threats that we must face in higher education and health care.” Rathod will report directly to Mendola as she steps into her role.
Cybersecurity a Growing Concern in Healthcare
The appointment comes at a time when cybersecurity is increasingly becoming a top priority for healthcare organizations. The sector has been hit with a surge of cyberattacks and data breaches in recent years, exacerbated by the proliferation of internet-connected devices and limited cybersecurity resources. Johns Hopkins itself was impacted by a cybersecurity incident last year related to a vulnerability in MOVEit file transfer software, which affected thousands of organizations globally, including healthcare companies and government agencies. Although Johns Hopkins was sued over the breach, the case was later consolidated with other lawsuits related to the MOVEit incident.
The Evolving Role of CISOs in Healthcare
The role of the CISO is a relatively new addition to the healthcare C-suite, according to a report by WittKieffer, an executive search firm. The report highlights that more than half of the CISOs at leading health systems have honed their cybersecurity skills in industries outside of healthcare before transitioning into healthcare IT teams. Only 15% of CISOs began their careers in the healthcare sector, while 30% were directly hired into executive positions within healthcare organizations.
As healthcare systems increasingly face sophisticated cybersecurity challenges, Rathod’s extensive background and leadership in the field will play a crucial role in safeguarding sensitive health data at Johns Hopkins.