Event Agenda
June 12th – 13th 2024 // Boston, USA
June 12th – 13th 2024 // Boston, USA
Day 1 // June 12th 2024 08:50 – 5:20 (EST) |
|
08:50Opening Address Chaired By Michael Prakhye, CISO, Adventist HealthCare | |
09:00Panel Discussion: Leveraging Insights into the Healthcare and Life Sciences Threat Landscape
– Moderator: David Anderson, CISO, Ensemble Health Partners |
|
09:40Presentation: Modern Deception Technology - Advanced Methods for Reducing Cyber Risk
|
|
10:20Networking Break | |
11:00Presentation: How to Effectively Address Third Party Risk Management Pain Points in Healthcare In a world where the adoption of cloud tools and services keeps increasing, what does a comprehensive approach to third-party risk management look like? Join this session as we share key takeaways and hands-on advice on how to tackle the complex processes of identifying, assessing and mitigating third-party risk. . – Krista Arndt, CISO, United Musculoskeletal Partners . |
|
11:30 Presentation: Tackling the Device and Lifecycle Management Challenge Without an accurate inventory, many HDOs struggle to manage day-to-day workflows and make comprehensive device life-cycle decisions. Join this session to familiarize yourself with ways of tackling this challenge, through real-world examples of organizations we have helped overcome it. . – Cynerio . |
|
12:00 Panel Discussion: How Can We Build Stronger Incident Response Strategies?
– Moderator: Bryan Chnowski, Deputy CISO, Nuvance Health |
|
12:40 Lunch | |
1:40Case Study: Identity & Access Management: Lessons Learned from St. Jude Children's Research Hospital Identity and access management is a crucial component of any healthcare organisation’s security strategy. In this session, Lynette will first shed some light on the Identity & Access Management program she is running within St. Jude Children’s Research Hospital, touching upon their unique access needs, compliance considerations, risk levels, major pain points and how these are being tackled. She will then share some key lessons learned that can be beneficial to other healthcare organisations, both in terms of governance and risk remediation strategies. . – Lynette Larkins, Director of Information Security, St. Jude Children’s Research Hospital . |
|
2:10Presentation : Leveraging Pentesting to Improve Your Own Organization’s Security
|
|
2:40Presentation: Reducing Exposure to Cyber Attacks for IoT Medical Devices The Internet of Medical Things (IoMT) is revolutionising how we keep patients safe. But how do you ensure you can trust these devices? Join this presentation to hear the top ways of enabling total device, data and operational trust. . – Device Authority . |
|
2:50CISO Fireside Chat: Maximizing Cybersecurity on a Budget - A Healthcare Perspective Budget constraints are often one of the most challenging obstacles in the way of a strong cyber security posture. In this fireside chat, a few CISOs share their first-hand insights and advice on how to make the most out of limited resources, through: .
– Moderator: Jim Covington, VP Information Security & Privacy, SomaLogic |
|
3:30Networking Break | |
4:00Roundtables : T1: AI in Healthcare: Use cases, Risks, Security Policies and Practices – Ping Identity . T2: Cyber Insurance: Protecting the CISO During Incident Investigations . T3: Bolstering Defences Against Phishing and Social Engineering . T4: Pharma 4.0: Addressing Security Concerns Stemming From Legacy Systems in OT . |
|
4:40Panel Discussion: Streamlining Regulatory Compliance in Healthcare: How Do We Get There?
– Moderator: Krista Arndt, CISO, United Musculoskeletal Partners |
|
5:20Closing Remarks & Drinks Reception |
Day 2 // June 13th 2024 08:50 – 4:40 (EST) |
|
08:50Opening Address Chaired By Michael Prakhye, CISO, Adventist HealthCare | |
09:00Panel Discussion: A Culture of Shared Responsibility Between HDOs and MDMs: What It Looks Like, and How to Achieve It Cybersecurity is essential to protecting patient safety. Amidst securing devices, protecting patient data and complying with changing regulatory requirements, HDOs and MDMs must work together to build a culture of shared responsibility when mitigating cyber risk. In this panel discussion, we explore key questions such as: .
– Moderator: Phil Englert, VP of Medical Device Security, H-ISAC |
|
09:40Presentation: Managing SBOMs and Vulnerabilities: Where Do I Begin? If you are trying to secure a diverse set of medical devices and don’t know where to start, this session is for you. We will provide actionable insights into: .
|
|
10:10Networking Break | |
10:50Presentation: Actionable Insights into Successfully Establishing a Medical Devices Security Program The role of HDOs in ensuring the security of medical devices as a part of the life cycle management is becoming more prevalent. In this talk, we illustrate a framework for a medical devices security program for HDOs modelled on the NIST Cybersecurity Framework and where patient safety is a top of mind concern and priority. We will also share some lessons learned through implementing one within our organisation. . |
|
11:20 Fireside Chat : Tightening Your Security Posture: Best Practices & Resources – Daniel King, Chief of Cybersecurity, Region 1 (New England), CISA . |
|
11:50 Presentation: Overcoming Network Segmentation Challenges in a Healthcare Environment In this session, we discuss how to enable effective network segmentation for healthcare organizations throughout their segmentation initiative, by developing an asset catalog, mapping communications, access control list export, and policy building. We will also look at a case study, to look more closely at how we helped an HDO do just that. . – Wiz . |
|
12:00 Panel Discussion: HSCC Five-Year Health Industry Cybersecurity Strategic Plan: How Do We Meet the Objectives? The Health Sector Coordinating Council recently published the Five-Year Health Industry Cybersecurity Strategic Plan (HIC-SP) – 2024-29, which identifies 12 cybersecurity objectives to focus efforts on. In this panel discussion, our experts discuss practical, hands-on strategies to meet the following objectives: .
– Moderator: Greg Garcia, Executive Director, Health Sector Coordinating Council Cybersecurity Working Group |
|
12:40 Lunch | |
1:40Case Study: Rolling Out a Vulnerability Management Plan - The Journey of Boys Town In this talk, we share our experience with rolling out a vulnerability management plan. We will touch upon: .
– Mike Welna, Director Information Security, Boys Town |
|
2:10Case Study: Surviving a Ransomware Attack: Lessons Learned from the Healthcare Industry In this session, we will walk you through lessons learned from notable ransomware attacks and how to improve your organisation’s resilience. We will talk about what you should be doing to prepare, what to do during the incident, how to recover safely and who you should be working with to comply. . – Esmond Kane, CISO, Steward Health Care . |
|
2:40CISO Fireside Chat: Turning the Board Into Your Greatest Ally In order to drive cybersecurity advancement, turning the Board into your greatest ally is vital. This, of course, requires skillful communication and a deep understanding of the business you operate in. In this fireside chat, the CISOs from Adventist HealthCare, QuidelOrtho and Christiana Care Health System and Ensemble Health Partners share their hands-on advice on: .
– Moderator: Michael Prakhye, CISO, Adventist HealthCare |
|
3:20Networking Break | |
3:50Group Discussion: How Can We Beat the Talent Shortage? Understaffed IT and security departments are one of the biggest challenges in the healthcare world. It’s time to get creative: how can we beat the talent shortage? . – Rick Doten, VP and Healthplan CISO, Centene Corporation |
|
4:30Closing Remarks | |
4:40End of Conference |