California Healthcare Cybersecurity Forum Agenda

Friday, September 20, 2019
7:30 AM
8:15 AM
8:30 AM
Featured Presentation
9:00 AM
Provider Spotlight
10:00 AM
Industry partners spotlights feature in-depth discussions from select industry partners. All industry partner sessions are reviewed by our advisory council before being presented in the program.
10:30 AM
10:45 AM
11:00 AM
Panel Discussion
Healthcare IoT (HIoT) now extends from one side of healthcare delivery to the other and today that includes an increasing number of medical devices, robots, health automation systems and building management systems none of which hospitals can easily do without.

Most of these connected devices however are not traditionally managed by IT, many don’t appear in any asset management database, most are not patched against vulnerabilities regularly (if ever), and a many are highly vulnerable to cyber-attack and extortion with no current compensating security controls to protect patients. 

In fact, a large number of network and implantable devices are pose a significant patient safety risk if not secured and could cause patient harm or even fatalities.  

This panel of esteemed biomedical and security leaders discusses what can be done to redress the balance, mitigate security risks and protect patient safety.
Learning Objectives:
  • Understand the security challenges of managing medical devices and other HIoT systems
  • Understand the need to Identify, Risk Assess and Manage devices across healthcare networks and the need to implement compensating security controls
  • Describe new technologies to assist healthcare in medical device discovery, risk management and automated remediation of security risk
11:45 AM
Featured Presentation
Dr. Christian Dameff, a practicing emergency medicine physician and leading cybersecurity researched for an in-depth discussion on how cyber professionals can engage clinicians and make them cyber champions for your organization.
12:15 PM
Join your fellow attendees during this lunch featuring engaging, passionate speakers whose talks expose new ideas in healthcare that are supported by concrete evidence and are relevant to current and future industry trends. Presentations will explore novel and counterintuitive approaches to solving the many complex problems facing our health system.
1:00 PM
1:15 PM
Industry partner spotlights feature in-depth discussions from select industry partners. All industry partner sessions are reviewed by our advisory council before being presented in the program.
1:45 PM
Panel Discussion
Cloud computing offers many compelling advantages for organizations. But it is often viewed as less secure than traditional, on-premise data centers. This session will focus on how the security risks in the cloud are not all that different the traditional computing environments. Our presenter will also discuss security lessons learned from their transition to the cloud and debunk several cloud security myths.
2:30 PM
2:45 PM
Featured Presentation
Breaches are on the news seemingly weekly, as organizations are struggling to secure their data. Phishing attacks are proliferating and going after our workforce. Ransomware has taken several victims and is also escalating. Healthcare organizations have become prime targets.

In this talk, I will share strategies to combat the rise of cybercrime, and how to make your networks more secure. I will discuss administrative, technical, and physical security controls. 
  • Have you built a sustainable and dynamic Information Security Plan? Have you shared this with upper management and gotten their buy-in and support?
  • Have you initiated a balanced Security Awareness Program? Are you regularly running scans of both your network and your applications? Are you monitoring your network to detect unusual activity? What about when that dreaded intrusion into your network occurs? Do you know what to do?
  • Are you testing and evaluating your security controls on a regular basis? How often do you test your Disaster Recovery Plan and your Incident Response Plan? Do you have the right people on your IR team?
We are entrusted with highly sensitive data. We must utilize best practices, but they cannot be "best" unless they employ both best privacy and security practices. Come learn if you are doing this and ensure that you indeed protect your confidential information.
Don't allow your organization to become the next victim of a breach. 
3:15 PM
Industry Provider Spotlight
Back in 2005, Marcus Ranum wrote in his “The Six Dumbest Ideas in Computer Security” article that, “sometime around 1992 the amount of Badness in the Internet began to vastly outweigh the amount of Goodness”. So why are we still focused on chasing “badness”? This approach might have been sufficient in the 1990s and arming ourselves with just an antivirus and a firewall gave us a sense of security, but this is definitely no longer the case.
3:45 PM
Effectively communicating how cybersecurity risk exposure changes over time is critical to communicating the value of cybersecurity investments to the c-suite, your board and key stakeholders in your organization. This session will feature discussions on different methods of benchmarking, how to collaborate with peers to share benchmarking data and why cybersecurity benchmarking can be so difficult.
4:15 PM