Like it or not healthcare delivery is changing, we are more reliant upon technology today than ever before to diagnose, treat, observe, manage and monitor patients. A basic systems outage is enough to bring an entire hospital or clinic to its knees. Just look at what happened in the UK when Ransomware took down much of the NHS. But our technology reliance is not just focused on IT systems any longer, there are a multitude of different Healthcare Internet of Things (HIoT) devices that we use to improve patient outcomes. All kinds of medical devices, from IMDs, to pumps, to scanners, to patient and nurse call systems, all of which are critical in direct patient care. And let’s not forget, that we cannot do without HVAC systems, elevators, power, water and other building management systems, nearly all of which are now ‘smart’ and ‘connected’. What happens when these simple devices are attacked by extortionists and cyber-criminals? Do most of us even know how many we actually have in each location, when they were last patched, and what security risks they pose to patients and to hospital IT systems? Just because they may be connected to an isolated network or VLAN doesn’t mean they are isolated. How can we gain greater visibility into what’s happening in our hospitals and become better prepared to defend ourselves from the next inevitable attack?

Join our panel members for an in-depth discussion on current cybersecurity trends and issues in healthcare. Discussion topics will span from board/stakeholder engagement to cloud security, to risk management frameworks, medical device security and more.

As health systems become larger, more geographically diverse and care delivery becomes more networked and fragmented, the concept of segmenting the network into smaller, more manageable zones is becoming a cybersecurity best practice. It’s about reducing available attack surfaces and stopping attacks from propagating beyond the originally compromised or infected network segment but is it really achievable in healthcare? What needs to happen for it be implemented successfully.

Fully managed SIEM/MSSP is an affordable option for establishing a SOC; however, most providers offer black-box solutions with limited visibility and assurance that the environment is secure. Internally managed SIEM is expensive, requiring significant resources and funding, but offers rich features, customization, and visibility. Co-managed SIEM + MSSP offers the benefits of both approaches, including reasonable costs with the additional visibility and assurance.

As threats have become more advanced and the healthcare industry has been increasingly targeted by cyber-attackers, security teams are struggling to keep up. The security skills shortage coupled with limited resources magnifies the challenges already posed by machine-speed attacks, insider threats, and low-and-slow attacks. Cyber AI serves as a force multiplier for organizations’ security teams, triaging alerts, prioritizing the most important threats, and even taking action on behalf of security teams to interrupt threats. In this session, hear about: 

• Discuss how to detect and respond to threats using AI and machine learning 
• Explore real-world examples of AI augmenting security teams
• Provide best practices to keep up with today’s rapidly evolving cyber attacks

Securing medical devices is one of the greatest challenges facing healthcare providers today and, yet, there is little information in the industry regarding best practices, common struggles and how organizations are overcoming them, and which manufacturers are seen as most secure and transparent about vulnerabilities. Join this session to learn about how your colleagues are managing medical device security in their organizations.

This session hosted by Tanium will explore a real-world use case of a ransomware attack that spread throughout a government organization, in turn causing all IT management systems to be encrypted.  Dylan DeAnda, VP of Enterprise Services, will lead a discussion of the risks leading up to the breach, what steps the CIO took to recover the enterprise and lessons learned. Hear how to avoid such a situation and protect what’s critical to your IT structure.

Managing access to your networks, applications and devices through a strong Identity and Access Management program is a challenge for information security and business leaders alike. Join this session to learn how clinical leaders, hospital administration, CIOs, CISOs and other critical members of your leadership team must work together to develop a strong identity and access management strategy that secures your organization.