Pacific Northwest Healthcare Cybersecurity Forum Agenda
|Wednesday, November 20, 2019|
This session will focus on how CISOs address and new and upcoming tech in their risk management program. Discussion topics will include how CISOs are bolstering their cyber programs with innovative technology, how AI will impact risk management, and the advent of deep fakes and information security.
Managing risks are part of a robust information security program. Our organizations have come to depend on a complex network of third-party relationships. Reliance on third-parties can drive performance, but also pose significant risks. Many organizations are still struggling to effectively manage their third-party information security risks. Risks are especially evident in contracts we enter into with our third parties without consideration for how the organization might be impacted. This session will cover:
Industry Partner Spotlight
Visibility is great, but what Visibility by itself. It’s not enough to just know about the devices and the risks they pose. You also need to automate the processes to mitigate the risks and orchestrate the appropriate controls. In this session, we will explore how Asset Intelligence from Forescout enables robust automated restrictions and orchestrated workflows.
Join Dr. Dameff a practicing emergency medicine physician who is also a hacker and security researcher interested in the intersection of healthcare, patient safety, and cybersecurity as he discussed how cybersecurity teams can strategically work with clinicians to manage risk and provide the best care possible.
Industry Partner Spotlight
CrowdStrike's 2019 Global Threat Report details how adversaries typically dwell for 1 hour and 58 minutes before taking action after they've initially gained access to a machine. This "Breakout time", is all the time until an intruder jumps from the machine that’s initially compromised and moves laterally through your network.
Lunch and Learn
There has been tremendous growth in the percentage of network traffic that is encrypted over the last decade. With this comes many challenges for incident responders. Decrypting the traffic is often hard, if not impossible. The rise of encryption has undoubtedly increased privacy for users but we know that threat actors take advantage of it as well. As network defenders our visibility is impacted, and traditional network monitoring detection will not always work.
In this talk we will discuss the problem of encrypted traffic as it pertains to network detection and response, educate you on new developments in SSL/TLS, and demonstrate how you can still hunt for and detect badness in encrypted traffic. This talk will be relevant to junior analysts all the way up to senior analysts at mature SOCs.
The problem of out of date legacy hardware, operating systems and applications across the healthcare industry is endemic. This is especially so at small hospitals and clinics where tiny IT and security staffs and highly constrained budgets, prevent the upgrading of end-of-life and often vulnerable technologies. Aggressive sun-setting of Windows versions by Microsoft and near constant patching requirements compound the pressure on small IT staffs to support and secure their health IT infrastructure. Poor coordination between HIT vendors and Microsoft causes healthcare applications to break if patched or remain vulnerable if unpatched. This situation introduces risk into the healthcare delivery environment as IT systems continue to operate with unpatched CVEs and unsupported hardware and software.
With limited budgets and no panaceas on the horizon, how can CIOs and CISOs of small or critical access facilities get away from continuing to support dangerous legacy hardware and software? This session looks at the complexity of problems and explores options to reduce risk and solve the legacy hardware and OS problem for good.
Industry Partner Spotlight
Designing a Strategy for Healthcare Security, Resiliency and Continuity: Proactively Protecting Your Entire Connected Infrastructure
In today’s hyper-connected healthcare enterprise, the quantity and heterogeneity of devices connected to your enterprise network is massive – and rapidly growing. Every area of your institution is a model of connectivity – critical medical, security, facilities and enterprise devices all need access to data in order to aid in the continuing delivery of quality care. While these devices all represent an opportunity to continually improve patient care, institutional efficiency, and physical security, they also represent potential points of vulnerability.
Developing a strategy of proactive protection of these devices – and the network to which they are connected – is essential to the security, resiliency and continuity of your healthcare organization’s operations. However, these devices represent an unique challenge in that they cannot be regulated and secured with traditional agent-based network security solutions. This new era of hyper-connectivity requires a new approach, utilizing your existing best-of-breed network and security infrastructure for enforcement of very sophisticated and granular policies that effectively regulate and control the communication behavior of every class of device. It is only through this strategy of proactive protection that you can fully take control of your connected infrastructure, increasing network security, building unbeatable system resiliency, and ensuring the continuity of quality healthcare delivery and institutional operations.
Breaches are on the news seemingly weekly, as organizations are struggling to secure their data. Phishing attacks are proliferating and going after our workforce. Ransomware has taken several victims and is also escalating. Healthcare organizations have become prime targets.
In this talk, I will share strategies to combat the rise of cybercrime, and how to make your networks more secure. I will discuss administrative, technical, and physical security controls.
We are entrusted with highly sensitive data. We must utilize best practices, but they cannot be "best" unless they employ both best privacy and security practices. Come learn if you are doing this and ensure that you indeed protect your confidential information.
Don't allow your organization to become the next victim of a breach.
Join our panel members for an in-depth discussion on current cybersecurity trends and issues in healthcare. Discussion topics will span from board/stakeholder engagement to cloud security, to risk management frameworks and more.
Brian Collentine, CISSP Director of IT Infrastructure, PHP
Richard Greenberg, CISSP Information Security Officer, President, ISSA of Los Angeles Chapter
John Kronick, Chief Information Security Officer, Prime Healthcare
Paul Schofield, Director, Services and Support, CyberMDX