HealthsystemCIO.com August 6, 2025
Anthony Guerra

As cyber threats become more sophisticated and health systems diversify their operations, new roles are emerging to close the gap between business needs and cybersecurity imperatives. One such position is the Business Information Security Officer (BISO), tasked with tailoring security strategies to the unique demands of each operational unit. At Michigan Medicine, Ashley Gelisse serves in this role, working to align risk management with the institution’s research, academic, and clinical missions while ensuring cybersecurity measures support productivity rather than impede it.

Gelisse’s position shows how cybersecurity is evolving beyond traditional, centralized models toward a more nuanced, relationship-driven approach that recognizes the complexities of large, federated health systems.

Defining the BISO Role

The BISO role functions as a bridge between cybersecurity...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Technology
Related Articles:
OT–IT Cybersecurity: Navigating The New Frontier Of Risk
STAT+: Hospitals and Epic demand better security for patient records
‘Complexity is where cyber risk tends to grow’
Researchers broke every AI defense they tested. Here are 7 questions to ask vendors.
Your Organization Isn’t Cyber Ready... It Just Thinks It Is

Share Article