Innovation, Collaboration, and Social Responsibility

Blue Cross and Blue Shield of Louisiana chief information security officer Sean Lowder and his team put the “care” in healthcare information security

Chief information security officer Sean Lowder knows exactly what he’s proudest of from his fifteen years at Blue Cross and Blue Shield of Louisiana (BCBSLA): his team. The group is more than sixty people strong, and each is deeply dedicated to protecting the healthcare data of Louisianans. “They care about what we’re doing here; they care about our mission,” Lowder says. “I got lucky in that respect.”

But it seems like more than luck. Lowder’s evident passion for this critical work and his unique managerial style make his team a highly attractive one for anyone who wants to combine an intellectually demanding environment with a community-minded mission.

Insurers like BCBSLA have access to their customers’ entire medical history. They’re charged with safeguarding patients’ addresses, the names of their children, their test results, and the details of every procedure they’ve had performed. Data this valuable isn’t ignored by the world’s hackers, who are keen to try and use it to file false insurance claims, open false lines of credit, or compile a compromising dossier about a government official or public figure.

There’s also the ongoing threat posed by ransomware. Just last year, in fact, a Hollywood hospital was forced to fork over $17,000 in ransom money after hackers installed malware that crippled its operating system and drove some hospital operations to a halt. In a globalized, highly interconnected world, healthcare data is constantly under attack. Lowder describes the state of affairs as “a worldwide crisis in cybersecurity.”

Most detection products on the market today lack context, which could lead to a large number of false positives and low value. “This leads to redundant tools and lots of complexity, making it difficult to identify the signals through all the noise,” says Brandon Swafford, CTO of data protection and insider threat security at Forcepoint, a partner of BCBSLA. “Intelligent systems like Forcepoint’s that understand how people are interacting with information are able to identify normal, anomalous, and malicious usage of data and systems and take action in real-time. This allows for an understanding of when attacks are malicious or identities have been compromised, helping mitigate data theft incidents.”

By its nature, the work of protecting such sensitive data demands top-tier talent. It’s not that mastery of the latest technologies is the lone essential; those competencies can be taught. What sets Lowder’s team apart, he says, is a drive to learn more, the thirst to know everything. “It enables us to keep pace with the rapid evolution of technology and utilize cutting-edge methods in data security,” he says. One of the first employees on the information security team, Lowder is committed to helping his employees expand their skill sets and grow with the company, just as he did.

BCBSLA By The Numbers

1934

The organization was founded in 1934, in the depths of the Great Depression, with just two employees in a one-room office.

1.6M

Eighty years later, it has eight regional offices across the state, serving 1.6 million Louisianans.

1,600

It is the oldest and largest health insurer in Louisiana and has more than 1,600 employees; it’s also mutually held, owned entirely by the policyholders.

$20,000×10

The Blue Cross and Blue Shield of Louisiana Foundation has a twenty-five-year tradition of corporate social responsibility, including grants to Louisiana-based nonprofits and annual dispersal of ten $20,000 Angel Awards, which are given to ordinary Louisianans doing extraordinary good for the state’s children.

Lowder brings his team first-hand knowledge of how to successfully innovate within the rapidly changing world of data security. When he began working at BCBSLA fifteen years ago, technology was much simpler. Most of the insurer’s systems were on a mainframe, and internet usage was limited. Today, information is more cloud-based and dispersed. On the smaller scale, Lowder says that one of the primary technologies his team uses today, User and Entity Behavior Analytics, didn’t even exist a few years ago—and now it’s one of their most frequently used tools for catching bad guys doing bad things.

To make the most of his talented team, Lowder encourages constant collaboration. That way, team members are always pushing each other toward smarter solutions. One of the most challenging aspects of the job is learning to see problems from the point of view of a hacker and designing defenses around the vulnerabilities they would see. These difficult design challenges seem to demand the collective brainpower of a group of brilliant people who bring to the task a range of competencies. “We’re always challenging one another,” Lowder says.

There’s an open-door policy at the office and a strong emphasis on transparency and knowledge-sharing between management and team members. That’s crucial for compliance with regulation around healthcare data, as well as intelligent risk assessment. “It’s like finding a needle in a haystack or, sometimes, finding a needle in a bunch of needles,” Lowder says.

Top technology talent might not think of Baton Rouge as a natural destination. Although it’s not a tech hub on the scale of San Francisco or New York, it has amenities that larger cities might be hard-pressed to match. Lowder cites the excellent food and culture as reasons no one can stand to leave Louisiana once they settle in.

More importantly, it’s a community with strong social solidarity. When Baton Rouge suffered devastating flooding in 2016, BCBSLA immediately pitched in. The organization converted conference rooms to daycares, donated blankets and old clothes, and helped strip and gut water-damaged homes. “Our mission is to improve the health and lives of Louisianans, and we truly live that,” Lowder explains.

His team, too, has a strong sense of responsibility towards the people they serve and are determined to prevent all security breaches. “It’s just too important,” Lowder says. “One screw-up can cause a lot of people a lot of bad days.” They’re conscious of the context in which their work takes place. Louisiana’s population suffers from high rates of obesity, cancer, and opioid addiction. No wonder, then, that Lowder’s team approaches its work with determination and passion.

“We’ve accomplished a thousand projects, a thousand widgets have been pushed through, and a thousand risks have been addressed,” Lowder says. “But, truly, my proudest accomplishment is that I’ve assembled a really terrific team here.” Driven by that team—and that spirit of collaboration and constant innovation—Lowder and BCBSLA are making strides toward better health for Louisianans.