Southwest Healthcare Cybersecurity Meet-Up Agenda
|Friday, November 15, 2019|
Like it or not healthcare delivery is changing, we are more reliant upon technology today than ever before to diagnose, treat, observe, manage and monitor patients. A basic systems outage is enough to bring an entire hospital or clinic to its knees. Just look at what happened in the UK when Ransomware took down much of the NHS.
But our technology reliance is not just focused on IT systems any longer, there are a multitude of different Healthcare Internet of Things (HIoT) devices that we use to improve patient outcomes. All kinds of medical devices, from IMDs, to pumps, to scanners, to patient and nurse call systems, all of which are critical in direct patient care. And let’s not forget, that we cannot do without HVAC systems, elevators, power, water and other building management systems, nearly all of which are now ‘smart’ and ‘connected’.
What happens when these simple devices are attacked by extortionists and cyber-criminals? Do most of us even know how many we actually have in each location, when they were last patched, and what security risks they pose to patients and to hospital IT systems? Just because they may be connected to an isolated network or VLAN doesn’t mean they are isolated.
How can we gain greater visibility into what’s happening in our hospitals and become better prepared to defend ourselves from the next inevitable attack?
There are documented threats to our nation’s critical healthcare infrastructure related to healthcare data breaches that put patients and their protected healthcare information at risk. The threats have grown in number and sophistication in the past decade due to the nearly universal adoption of digital health records and the rise of interoperability. The human and economic consequences of cyber-threats to all sizes of healthcare organization are profound because patients’ lives are put at risk and the viability of healthcare organizations can be impacted irrevocably.
At a time characterized by the rapid evolution in technology and an exponential growth in the threats, the gap in the number of cybersecurity professionals in the workforce to address these threats continues to grow. This presentation will document the acute needs for a trained workforce to combat cyber threats in Texas, the United States and globally. The barriers, challenges and opportunities associated with workforce development in healthcare cybersecurity and privacy also will be described. Innovative solutions to address the diverse and acute workforce challenges will be presented, including initiatives being undertaken by members of the Health and Public Health Sector Coordinating Council (HSCC), Cybersecurity Working Group, a public private partnership established under Presidential Policy Directive 21 for coordinating strategic and policy approaches to protect our nation from significant cyber and physical threats https://healthsectorcouncil.org.
The presenter will advocate that educational models focused on patient safety must be employed to creatively engage practicing healthcare professionals in ambulatory and inpatient settings with role-based cyber hygiene skills, and to ensure that healthcare professions’ students integrate cyber awareness into their professional training. To protect against rapidly evolving threats, healthcare organizations need both technical and non-technical cybersecurity talent working together to manage risk. A new workforce pipeline should be developed to educate leaders who can fill critical, non-technical, risk-management roles in healthcare environments. An innovative educational program recently developed and piloted at The University of Texas at Austin to develop non-technical leaders in healthcare privacy and security risk management also will be presented.
Industry Partner Spotlight
Modern healthcare services rely on digitized patient information, interconnected clinical systems and ubiquitous accessibility. As digital transformation accelerates, the industry is vulnerable to costly data breaches that cripple operations and patient care services. Boards expect security teams to invest in the right technologies and practices to predict threats and stop them before they disrupt operations or land your business in the headlines. But it’s easy to get disoriented in a fractured, cluttered and noisy security vendor landscape. And it’s challenging to demonstrate security investment value.
Learn how to navigate the latest threat landscape, demystify security strategies and pick the right options so your security team and your C-suite can align priorities to business objectives, determine risk tolerance and make the necessary security investments to protect from disruption or exploitation.
Join our panel members for an in-depth discussion on the issues that are most challenging for them today and how they are addressing them.