To master cybersecurity, design systems around employee workflows

Marin General Hospital in northern California has taken a people-centric approach to improving healthcare security. The hospital focused on staff training and education, as well as implementing a bug bounty programme called Security Sleuths, which rewards staff for identifying and reporting phishing emails. Marin also sought input from staff when making changes to workflows, and partnered with other internal stakeholders to prioritise security throughout the organisation. As a result, Marin saw a 50% reduction in system vulnerabilities and 100% staff participation in security awareness efforts.