.png){kind=logo}
Transaction Data Systems (TDS) is the leader in independent pharmacy services and solutions. TDS provides innovative pharmacy management solutions and clinical applications that adapt to the workflow needs of the largest network of independent and community pharmacists. For over 40 years, TDS has supported the needs of single, multi-site, assisted living, and hospital pharmacies through its portfolio of software and services including Rx30, Computer-Rx, KloudScript, Enhanced Medication Services, and PharmAssess.
As the CISO for TDS, Saeed Valian has been responsible for consolidating and establishing a world-class information security practice based on the right balance of effective security measures and meaningful compliance controls. Saeed is a highly regarded information security leader who is known for proactively confronting and resolving cybersecurity, compliance, and business risk challenges. Leveraging over 15 years of comprehensive information security and information technology experiences enables him to build and/or improve robust security practices by increasing business performance, integrity, and scalability.
Saeed's proven record of defining customized strategies and establishing cross-functional teams demonstrate innovative solutions and services, resulting in increased productivity and competitiveness by providing security at the speed of business! Considering himself an advocate for the security industry fighting the good fight, he promotes building effective security culture customized for each business, reducing gaps by building relationships through collaboration and investing in security-minded Business Unit (BU) experts to become the organization's security advocates (BISO's) in order to establish a dynamic approach to security and compliance.
The opportunities to build and/or improve information security practices for several organizations in different industries, including but not limited to the healthcare, technology, and manufacturing for medium and large enterprises, as well as the unique experiences of being on the client and vendor sides, have provided him with unique skills to prepare and deploy innovative, yet practical and scalable security strategies.
According to Saeed, being able to understand the business requirements and offerings, thoroughly assessing the organization, and preparing a meaningful security strategy are only the beginning. It is part of the challenge to digest the findings into meaningful actions and lay a measurable roadmap, translating it into the business and finance language, and effectively communicating it to the business executives for their buy-ins. Additionally, building diverse teams, creating innovative user awareness programs, promoting the importance of cybersecurity via fun activities, including and not limiting to security shows, internal programs to recognize and celebrate security advocates across the organization, and interactive security intranet will significantly improve the security culture.
From the personal experience of Saeed, taking the consultative approach to security has significantly improved the business's willingness to consider and adapt to security recommendations. As part of this approach, it is critical for security leaders to truly design and promote security as a business enabler that will result in security being integrated into the core of the company. It's imperative to reshape security from being the "bottleneck" to being part of the process by providing security at the speed of business.
Saeed believes that like many areas of a business, data and visibility to it are keys to a successful security practice. It is not feasible for companies to hire an unlimited number of security professionals to manually monitor and analyze a large number of system logs, malware, and potential cyberattacks to protect their data.
Utilizing emerging technologies such as automation, machine learning, and artificial intelligence will be significant to a reliable security practice. It is imperative for a solid cybersecurity practice to be able to predict potential malicious behavior as cybercriminals are always one step ahead! To do so, the ability to consolidate data from different platforms and layers, analyzing for anomalies, and communicating results in form of actions in a matter of seconds rely significantly on automation, machine learning, and artificial intelligence. Traditional SIEMs with limited (and/or costly) space for logs will be replaced with Cloud-based offerings built on big techs' data centers with access to data and patterns in near-real-time. That being said, it is imperative for such efforts to be controlled and human-led for best results.
While healthcare technology companies play a critical role in providing essential solutions to healthcare providers to deliver meaningful services to their patients, they are placed in a challenging position to find the right balance of functionality and creativity against imperative compliance requirements and security controls to keep patient data safe. "An increasing number of regulations, an ever-growing number of cyberattacks, and unique clients' requirements add to the complexity to be addressed by healthcare technology vendors; "transparency" is key to the future of said vendors from a security and compliance perspective," said Saeed.
While leadership skills and security expertise are essential, Saeed feels that it's imperative to recognize that an effective security practice is not a cookie-cutter solution, but a customized approach unique to each business. Understanding the business to promote a security culture demanding for a transparent security practice based on the right balance of compliance controls and effective security measures is the key to one's success— to prepare a culture to demand transparent security versus forcing it.
Join our WhatsApp Channel to get the latest news, exclusives and videos on WhatsApp
_____________
Disclaimer: Analytics Insight does not provide financial advice or guidance. Also note that the cryptocurrencies mentioned/listed on the website could potentially be scams, i.e. designed to induce you to invest financial resources that may be lost forever and not be recoverable once investments are made. You are responsible for conducting your own research (DYOR) before making any investments. Read more here.
