Everyone is curious about threat modeling. If you're new to the discipline, or if past efforts to threat model haven't met your goals, perhaps part of the problem is confusion over what works, and how the various approaches can fit into the way you work. This talk captures lessons from years of helping organizations around the world threat model more effectively. It's designed to help everyone, including device makers or HDOs all of whom will leave with both threat modeling lessons from Star Wars and a proven foundation, enabling them to threat model effectively.

Healthcare Systems across the nation face the difficult task of securing protected health information (PHI), Personal Identify Information (PII) and payment cardholder industry data (PCI), along with adhering to multiple complex regulations.  The threat landscape, attack surface, and business strategy continue to evolve requiring security programs to be agile and efficient to support organizational digital transformation.  This forum will focus on how integrated health systems should adopt a highly integrated security platform to reduce complexity, increase effectiveness of security controls, improve efficiency, and reduce overall security technology total cost of ownership with partner and technology rationalization.

Join us for an in-depth discussion on how healthcare delivery organizations across the world have maintained a strong security posture while rapidly shifting as much patient care delivery to remote connections, even before being able to fully securitize their telehealth-based operations, while responding to the COVID-19 outbreak.

Balancing security and usability is always a challenge, especially in environments with high availability, critical data, and diversity. Any data loss or downtime can have dramatic consequences, but your patch deployments and update procedures require user interaction or even multiple reboots. These challenges will reflect in your endpoint management and patch status. Without the right tools, you will quickly lose track of your patch status and potential vulnerabilities. Adding more security features will be a big challenge, due to the lack of transparency and acceptance from your users. 

In this session, we will show you how to improve your endpoint security by designing update procedures tailored to your environment. This will enable you to integrate patch management for windows and 3rd party updates with better user acceptance. With tools like our baramundi management suite, you can take the next steps to add more security with features like BitLocker management, vulnerability management, software deployment, or even dedicated mobile device management. We focus on a holistic approach with usability and transparency in mind. From completely silent rollouts to full user interaction in defined time frames,  baramundi makes it easy to create your individual processes. 

After the presentation and live demo, we will be available to answer your questions around endpoint security and management.

This session will provide a roadmap for reducing risk in 2021. Preventing a breach in the coming year is going to be particularly difficult because most risk reduction strategies require significant increases in security spending, while analysts predict decreased security budgets. Using the MITRE ATT&CK framework, Netta will run through the anatomy of a modern attack to articulate this problem. Through this lens, she will explore the reasons why spending more doesn’t necessarily equate to stopping more attacks. More importantly, she will demonstrate some ways in which you can make impactful improvements to your security posture while managing to cut costs.

Securing medical devices is one of the greatest challenges facing healthcare providers today and, yet there is little information in the industry regarding best practices, common struggles and how organizations are overcoming them. Join this session to learn about how your colleagues are managing medical device security in their organizations.