Scripting Cyber Success: Manan Kakkar and the Future of Healthcare Security

Manan Kakkar | Cybersecurity AVP at Providence
Manan Kakkar | Cybersecurity AVP at Providence

Manan Kakkar serves as the Cybersecurity AVP at Providence, a hub where technology thrives. His journey, rooted in a robust academic background in Telecommunication engineering, led him into the intricate domain of cybersecurity. At EY, he pioneered the M&A Cybersecurity practice within EY-Parthenon.

During his tenure at Deloitte, Manan showcased strategic brilliance by leading enterprise-wide risk assessments. He crafted proactive security strategies, transforming reactive measures into effective shields against risks. Manan not only designed plans but also operationalized them, ensuring organizations could detect, monitor, respond, and recover effectively.

Beyond his corporate role, Manan is a tech enthusiast and a prolific writer. His analytical skills extend to dissecting technologies and predicting their impact on future landscapes. He holds the esteemed title of Microsoft MVP for Windows Desktop, solidifying his reputation in the tech sphere.

Within Providence Health, Manan is a driving force, guiding the organization towards a future where technology, security, and innovation converge seamlessly.

Let’s delve into a narrative of transformation, resilience and visionary leadership, marking Manan as a trailblazer in the ever-evolving world of cybersecurity!

Guardian of Digital Fortresses

Manan embodies a crucial role in shaping a robust cybersecurity strategy. His team acts as the linchpin, integrating the visions of the CISO, CIO and CEO into a seamless plan. “My team’s role is to facilitate the development of a cohesive cybersecurity strategy that’s aligned to the CISO, CIO and CEO’s vision,” he states earnestly. They meticulously allocate budgets, explaining their choices to various teams and ensuring every penny aligns with their strategy.

With a watchful eye, Manan’s team oversees execution with both engineering and business teams. It’s the incorporation of strategy, budget and execution where Manan leads the way with utmost precision.

Words to Shields

Manan’s journey into healthcare cybersecurity is as intriguing as it is inspiring. “I’ve had a very interesting path into cybersecurity and now into healthcare cybersecurity,” he reflects, tracing his steps from being a telecom engineer to delving into the intricate world of networks and core technologies. His knack for writing led him to tech journalism, immersing him in breaking news stories. Grad school was a turning point, getting him back on track to networks and business management and laying the foundation for his cybersecurity career. His tenure at Deloitte and EY sculpted his expertise, especially in pioneering cybersecurity due diligence during M&A, a concept considered revolutionary at the time.

Manan’s journey reflects his resilience and innovation. “I learned about deploying Oracle Identity Management tools, Qradar, pivoted to cybersecurity strategy work which got me exposure to a lot of industries like Healthcare, public sector, restaurant industry, etc.,” he recounts. His expertise wasn’t confined to digital realms—he ventured into physical security assessments, leaving an indelible mark on internal audit reports.

His pivotal moment arrived when he collaborated with Providence’s CISO, embarking on a transformative mission. “That’s how I ended up here and that’s where we are going,” he states with determination. Manan’s story highlights the core qualities of leadership—a combination of expertise, adaptability and the bravery to advocate for innovative approaches.

Shielding the Vulnerable

It’s extremely challenging for the teams and the industry at large,” he admits, acknowledging the constant barrage of new technologies and techniques employed by cyber threats. Guided by decisive leaders, his team comprises exceptionally skilled individuals adept at both tools and manual validation of alerts. Their strength lies in strategic partnerships with cybersecurity industry vendors, enriching their defense with shared threat intelligence.

What sets them apart is the unique background of their SecOps leader and CISO, drawing from intelligence and armed forces. This background not only brings expertise but also valuable connections, enabling collaborations with entities like the FBI. Manan emphasizes the complexity of the challenge, highlighting the need for a dedicated ecosystem working tirelessly to safeguard our health system and society.

Data: The Double-Edged Sword

Manan delves into the complexities faced by leaders in the intricate world of cybersecurity. “There are cyber risks, compliance risks, regulatory requirements,” he points out, emphasizing the multifaceted nature of the challenge. Balancing the need for security with the demand to ‘move fast’ in the tech landscape creates a delicate equilibrium.

Anything regulated has to be locked down, that’s not negotiable,” he asserts, underlining the non-negotiable aspects of compliance. Yet, he navigates the gray areas, where data becomes a competitive advantage. Here, collaboration is key. “We have to work with data custodians and customers, challenging everyone on the problem being solved,” he explains.

Manan’s effective leadership is evident in his approach, where he demonstrates a nuanced understanding that each case is unique. “We cannot lock down everything because that will restrict science and business development,” he wisely notes. His strategy? Finding the middle ground where reasonable guardrails are set.

In the intricate interaction of security, compliance and progress, Manan demonstrates effective leadership. He strikes a nuanced balance between firmness when required and cooperation when feasible. This approach guarantees not only cybersecurity but also nurtures innovation and organizational development.

Strength in Being Consistent

Consistency is key in cybersecurity,” he asserts, emphasizing the need for uniform application of controls. Under the visionary leadership of CIO BJ Moore, Providence embarked on a transformative journey. “We’ve worked with the regional and folks on the ground embedded in the hospitals,” Manan explains.

This collaborative approach allowed them to centralize their cyber resources, processes and technologies.

The result? A streamlined system enabling the implementation of crucial controls like MFA system-wide and a comprehensive endpoint security strategy. Internally, efforts to consolidate vendor tools have significantly streamlined their cyber stack.

Manan’s statement highlights a crucial reality—amidst changing threats, steadfast and unified cybersecurity strategies are pivotal. They guarantee the safety and resilience of digital infrastructure.

In Compliance We Trust

In the world of regulations and compliance, Manan trusts his team of experts. “We have some very smart people who keep an eye out for regulatory changes, existing laws and rules,” he emphasizes.

The synergy between legal, compliance and technical leaders is crucial. They delve into the nuances, deciphering interpretations and motivations behind requirements. Manan demonstrates leadership by recognizing the collective intelligence within his team, ensuring seamless alignment between legal and technical aspects.

Prescribing Solutions

In his extensive journey spanning diverse sectors, Manan pinpoints two crucial challenges in healthcare cybersecurity. “Firstly,” he begins, “we must ensure cybersecurity controls at hospitals and clinics without disrupting frontline caregivers.”

For Manan, the balance between robust security and seamless patient care is paramount. He recognizes the disparity between his tech enthusiasm for measures like MFA and a nurse’s focus on patient safety. “Our caregivers are targets, so we focus on non- disruptive security controls,” he stresses, acknowledging the need for awareness without hindering critical care.

The second challenge delves into the intricate healthcare vendor landscape. “Securing connections and addressing vulnerabilities in biomedical devices pose a huge challenge,” he admits, revealing the complexity that keeps their team vigilant. This concern isn’t just a theoretical worry—it’s a tangible issue that occupies their thoughts, especially their dedicated SecOps leader.

In these challenges, Manan demonstrates leadership through a deep comprehension of the human dimension of cybersecurity and a proactive strategy in addressing the intricacies within their control. This is achieved while preserving the core principles of patient care, showcasing a keen balance between technical expertise and compassionate service.

Pioneering Cyber Sentinels

Manan sees innovation as a diverse continuum. “We look at this as a spectrum,” he explains. “Sometimes, solving the simplest problem requires innovation in some fundamental ways.” He delves into the complexities, illustrating how even seemingly straightforward tasks demand innovative approaches.

From implementing multifactor authentication across a vast healthcare network to exploring groundbreaking avenues like Generative AI, his team navigates this spectrum with finesse. “There are product innovations or moon shots,” he elaborates, citing their collaboration with federal agencies and ventures into Generative AI.

Certainly, Manan underscores the significance of incremental and process innovations, which he asserts have a considerable impact on daily operations. From Manan’s viewpoint, innovation is not a remote idea but a dynamic force that molds their strategies, ensuring the safety of the healthcare system they protect.

Uniting Forces

At Providence, Manan observes a pivotal shift, one he deems as the most significant personal transformation within the organization. “Moving cyber more to the left of a process’ and ‘cyber having a seat at the table are not just concepts but integral parts of our extended leadership team,” he emphasizes. This change isn’t merely theoretical—it’s a shift in mindset and approach. If any task arises where cyber wasn’t involved early, their team steps in, highlighting the missed opportunity and demonstrating how early engagement accelerates processes.

Manan’s perspective unveils a fundamental truth—collaboration is the cornerstone of a robust cybersecurity strategy. “For any mature cyber organization, this is a key to success,” he states, stressing the importance of building relationships with non- cyber stakeholders.

In his view, understanding others’ challenges and actively assisting in problem-solving breaks down traditional barriers. It’s a refreshing take on cybersecurity, one where engagement and understanding pave the way for innovation and efficiency.

Beyond Firewalls

Manan’s approach to staying updated is as diverse as the ever-changing tech landscape. “I’m subscribed to blogs, journalists, across platforms like Twitter, Threads, LinkedIn, newsletters, and traditional media outlets,” he reveals. His strategy encompasses a broad spectrum, from formal CVE alert systems to insights from vendors.

In the midst of abundant information, Manan adeptly explores podcasts, extracting valuable insights. His diverse approach demonstrates leadership, as he integrates numerous sources, guaranteeing a comprehensive perspective in the swiftly changing technology landscape.

Wielding the AI Shield

In the field of AI and cybersecurity, Manan outlines the dual responsibilities of cyber teams. “Our first role is to support AI initiatives of other teams,” he states, highlighting their collaborative nature. Yet, there’s a formidable challenge—the rise of GenAI technology. “Attackers and defenders both have access to these tools,” Manan observes, emphasizing the decreasing skill barrier for malicious actors.

Despite these challenges, he sees a silver lining. “The cyber and tech industry are also doing some cool things with these technologies,” he notes, pointing towards innovative solutions. GenAI isn’t just a hurdle—it’s a bridge. “Asking Gen AI what the next steps are—there are ways this technology will help bridge the talent gap in cyber,’ he explains, showcasing the potential of AI in empowering cybersecurity professionals.

In the dynamic landscape of evolving technology, Manan demonstrates leadership by acknowledging challenges and recognizing the transformative potential of these technologies. He ensures that cyber teams stay adaptive and proactive in addressing emerging threats.

Where Technology Meets Tenacity

Manan recognizes the need for swift adaptation. “As digital giants like Amazon and Walmart step into healthcare, Providence, with its century-long legacy, must rapidly embrace technology,” he asserts. Under visionary leadership, technology has seamlessly integrated into patient care. Yet, challenges loom. “We have to securely roll out AI models, ensuring the safety of underlying data,” he explains, highlighting the complexity of their task.

Manan’s strategy embodies foresight—a multifaceted approach. “We prepare for advanced adversaries, employing a defense in depth approach,” he states, emphasizing the resilience required to safeguard Providence.

It’s not merely about embracing new technologies, but also about strengthening their foundations. Amidst rapid evolution, the primary objective of delivering care must remain steadfast. According to Manan, leadership entails not only embracing innovation but also reinforcing the current state while envisioning a secure and technologically advanced future for healthcare at Providence.

Cyber Wisdom

Manan  advocates  a  profound  principle in  leading  the  path—empathy  and sympathy. “Understand the motivations of your customers and align your goals with theirs,” he emphasizes. His approach underscores a fundamental truth—being an enabler fosters understanding and collaboration. “Be curious about the problems people are trying to solve and be enablers,” he urges, challenging the conventional ‘no’ mindset.

For him, cybersecurity revolves around comprehending objectives and constraints rather than imposing restrictions. By encouraging curiosity and empathy, leaders can connect innovation with security, fostering a balanced environment where risks are recognized and solutions are developed collaboratively. Manan’s insight applies not only to cybersecurity but also serves as a universal leadership principle—promoting understanding, enabling cooperation and nurturing collaboration for shared success.