Marissa Darden stepped into the CISO role at Greenway Health in 2024 and wasted no time. In just 18 months, she has taken the security team from four to twelve members, closed all critical audit findings, and implemented a zero-trust architecture across the company's cloud-hosted EHR platform.

Greenway Health, which serves over 100,000 healthcare providers, had been facing a backlog of critical audit findings. Darden, who previously spent eight years at Ciox Health building its security program through its acquisition by Datavant, brought her experience to bear on the problem. She prioritized the most critical findings, rallied the team, and systematically addressed each one.

'''It was a matter of focus and execution,''' Darden said in an exclusive interview with CISO Internals. '''The team was capable, but they needed a clear roadmap and the resources to get the job done.'''

With the audit findings addressed, Darden turned her attention to modernizing the company's security architecture. She championed a move to a zero-trust model, a security framework that assumes no user or device is trusted by default. The implementation across Greenway's EHR platform was a major undertaking, but one that Darden felt was essential to protect patient data.

'''In healthcare, trust is everything,''' Darden said. '''A zero-trust architecture is the best way to ensure that we are protecting our providers and their patients from the ever-evolving threat landscape.'''