Enabling Business Through Risk Management

Monique Hart, CISO and Executive Director of Information Security, Piedmont Healthcare

Bio Image courtesy of Hart

Background image / Stígur Már Karlsson /Heimsmyndir / E+ / via Getty Images

When Monique Hart started building information security programs for enterprises, the label “security” wasn’t quite being used yet. “I started in security before it was thought of as security,” she laughs.

Hart originally went to college for electrical engineering. In the ‘90s, she got very interested in the idea of computer networking and started out in desktop support after pursuing her first certification as a Microsoft Certified Systems Engineer (MCSE), working her way up the ranks from there and finding herself in security leadership roles by the early 2000s.

Throughout her career thus far, Hart has played a role in building information security programs, and governance, risk and compliance policies and procedures from the ground up at a number of organizations across a variety of industries, including Ceridian, Turner Broadcasting, Coca-Cola and Children’s Healthcare of Atlanta, before assuming her current role as Chief Information Security Officer (CISO) and Executive Director of Information Security at Piedmont Healthcare, an 11-hospital entity in Georgia.

“The overall safety and security of the patients and employees is our priority,” she says. “We focus on risk management of the organization without impeding the business.”

And not impeding the business is key, according to Hart, because there was that time where security was known as the “No” department and she’s had a first-hand seat watching the evolution of the profession since. “I’ve seen it go from the ‘No’ department to ‘how can we do that safely?’ and people now understand the value in this space,” she says.

Hart says that the biggest challenges for security professionals right now are access control and user education, both brought to the forefront over the past year and half since the beginning of the COVID-19 pandemic.

“Regardless of the industry, you really need to tie the importance of your program to what the end user does in their daily lives, integrating [security] so that it becomes a sort of habit that allows them to help protect themselves and their environment,” she says. Hart adds that both outsider and insider access control, from a cybersecurity perspective, are two major areas of focus right now for security leaders as they wrestle with the challenge of pinpointing vulnerabilities in the technologies being used across the enterprise.

Hart’s career successes may be partly attributable to her drive to remain resilient and agile in an ever-changing threat landscape. She’s not only a forward-thinker, but a life-long learner. Right now, in addition to her role at Piedmont Healthcare, Hart is pursuing her executive MBA.

Another key to her success as a security leader is Hart’s ability to build a successful team that can keep the goal of safety, security and confidentiality in sight. “As a leader, what I do now is knock down walls so my people can get their job done. I am no longer at the keyboard finding the vulnerability, but it’s my job that the whole organization understands the risks and sound decisions to move forward,” she says. “I can’t do that without my team. I need to be able to trust my team, and they need to know that they have my support. The biggest thing I can do for my team to be successful is to make sure they understand our strategy and our goals so they can strive toward that mission.”

Of course, finding those trustworthy team members is a challenge for every security leader, but Hart says the industry needs to think outside the box. “There has been a big push for STEM backgrounds and that is near and dear to me because it helped me get here, but I try to communicate that you can still be a valuable asset and have a successful security career without a STEM background,” she says. “An art major, for instance, can see things from a different perspective or communicate weaknesses in a unique and effective way. Sometimes you need to look outside that major or that curriculum to find the person that helps complete the puzzle. Of course, you need to understand computer languages, but if you can relate to the world in other ways, that’s priceless.”

To go back to the main article, click here.

Maggie Shein was Editor in Chief at Security magazine. She has been writing, editing and creating content for the security industry since 2004. She has an experienced background in publishing, communications, content creation and management. Within her role at Security, Maggie handled the overall direction of the brand, organized and executed the annual conference, facilitated Solutions by Sector webinars, researched and wrote exclusive cover stories, managed social media, and authored the monthly Security Talk column. She has both an undergraduate degree and master's degree in journalism.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

ON DEMAND: Apple Mac computer use is growing in the corporate space. Having the solutions and the knowledge base to respond to events that include Mac computers is just as important as their Windows counterparts.