ismg summit logo

July 18, 2023

Healthcare Security Summit

9:00 AM ET - 4:00 PM ET


In-person event

Event Overview

ISMG Summits feature carefully curated agendas, a keynote address from an industry luminary, case-based learning, networking and more. The summits are geo-targeted, industry-specific and topic-driven events designed for security leaders.

ISMG’s agendas provide actionable education and exclusive networking opportunities with your peers and our subject matter expert speakers.

Venue

Convene

151 West 42nd Street, New York, NY 10036

Topic Highlights

  • CISA’s Vital Role in Safeguarding Healthcare Infrastructure

  • Generative AI in Cyber Healthcare

  • Essential Considerations for HIPAA Compliance and Data Protection

  • Updates and Enhancements to the HICP Guide

Nitin Natarajan

Deputy Director, CISA

Michael DeNicola

Supervisory Special Agent, FBI

John Frushour

Vice President, & CISO, NewYork-Presbyterian Hospital

Oren J Falcowitz

Security Officer, Cloudflare

Melanie Fontes Rainer

Director, HHS

Suzanne Schwartz

Director for Strategic Partnerships & Technology Innovation at the Center for Devices and Radiological Health, FDA

Phil Englert

VP Medical Device Security, H-ISAC

Romanus Prabhu Raymond

Director of Product Support, ManageEngine

Peter Halprin

Partner, Pasich LLP

Anahi Santiago

CISO, ChristianaCare

Greg Garcia

Executive Director, Health Sector Coordinating Council

David Holtzman

Principal, HITPrivacy LLC

Rocco Grillo

Managing Director, Alvarez & Marsal

Theresa Lanowitz

Head of Cybersecurity Evangelism, AT&T Business

John Fahey

Cybersecurity Specialist, Infoblox

Priscilla Sandberg

Director Healthcare Strategy, Pure Storage

Speakers

Thought Leaders Leading Deep-Dive Discussions on Stage

ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, at interactive workshops and networking events. Learn from the who’s who in the cybersecurity industry, passionate about the latest tools and technology to defend against threats.

Agenda

You can now view or download a PDF version of the attendee guide.

Registration and Breakfast

Nitin Natarajan

Deputy Director, CISA

Collaborative Cybersecurity Solutions: CISA's Vital Role in Safeguarding Healthcare Infrastructure

Through this interactive fireside chat, attendees will have the opportunity to delve deeper into ways to building effective partnerships to enhance cyberthreat information sharing, leverage CISA’s expertise to bolster incident response and recovery capabilities, and discuss CISA’s role in supporting the healthcare sector.

Key Discussion Points:

  • CISA’s collaborative approach: Overview of CISA’s initiatives and resources available to healthcare organizations;
  • Strengthening cyber resilience: Empowering entities to combat modern cybersecurity challenges;
  • Enhancing cybersecurity education and awareness across healthcare entities;
  • Future-proofing cyber planning: Developing a comprehensive understanding of the evolving cyberthreat landscape;
  • Addressing regulatory and compliance requirements while strengthening cybersecurity posture.
 

Attendees will leave this session equipped with actionable insights and practical strategies to fortify their cybersecurity defenses, effectively leverage CISA’s support, and adapt their cyber planning to address the ever-changing healthcare landscape. Don’t miss the opportunity to gain a comprehensive understanding of the healthcare cyberthreat landscape and discover innovative approaches to protect patient data and critical infrastructure.

Nitin Natarajan, Deputy Director, CISA

Priscilla Sandberg

Director Healthcare Strategy, Pure Storage

Emerging Cybersecurity Insights and Trends From a Data Storage Perspective

Perspectives from a healthcare data storage solution partner will help offer fresh insights and trends as emerging best practices. Leveraging your existing investment in data storage solutions can provide real value to cybersecurity protection, detection, response and recovery.

 Topics will include:

  • Tiered resiliency architecture;
  • Rapid ransomware recovery;
  • Emerging examples of the cybersecurity mesh architecture, CSMA;
  • Modern backup solutions for healthcare;
  • Rapid availability of production data for investigators.

Priscilla Sandberg, Director Healthcare Strategy, Pure Storage

Theresa Lanowitz

Head of Cybersecurity Evangelism, AT&T Business

The Healthcare Edge Ecosystem: Breaking Down Silos Toward a Secure Future

Based on new research, Theresa Lanowitz explains how these new relationships drive innovation focused on patient or business requirements, increase resilience, and improve security. She will share the business drivers for edge use cases and how organizations are shifting budgets to support and secure these initiatives.

Theresa Lanowitz, Head of Cybersecurity Evangelism, AT&T Business

John Frushour

Vice President, & CISO, NewYork-Presbyterian Hospital

Anahi Sanitago

CISO, ChristianaCare

Unleashing Generative AI in Cyber Healthcare: A Double-Edged Sword

The discussion will delve into the following aspects:

  • Where generative AI is being used in healthcare now, and which AI tool is the most promising, looking ahead?
  • What are the cybersecurity and privacy threats and risks involving these generative AI use cases in healthcare?
  • How can generative AI be used to improve cybersecurity and privacy in healthcare?

John Frushour, VP and CISO, NewYork-Presbyterian Hospital

Anahi Santiago, CISO, ChristianaCare 

Networking and Exhibition Break

Melanie Fontes Rainer

Director, Department of Health and Human Services' Office for Civil Rights

Essential Considerations for HIPAA Compliance and Data Protection: Expert Advice From Director Fontes Rainer

In this exclusive session, attendees will:

  • Gain insight into the latest HHS OCR guidance materials that cover topics such as the use of online tracking technologies and HIPAA considerations;
  • Stay informed about the agency’s HIPAA rulemaking activities and gain an understanding of their enforcement priorities;
  • Discover critical considerations that are essential for HIPAA-covered entities and business associates to ensure compliance and protect sensitive health information.

Melanie Fontes Rainer, Director, Department of Health and Human Services’ Office for Civil Rights

Romanus Prabhu Raymond

Director of Product Support, ManageEngine

Vaccine for Cyber Risk Syndrome: The UEM Approach

The session will cover:

  • Business-focused security and employee-friendly practices with unified endpoint management;
  • The right response and recovery strategy for endpoints to enhance cybersecurity;
  • A practical approach to protect the endpoints for secure user access.

Romanus Prabhu Raymond, Director of Product Support, ManageEngine

Solutions Showcase

Lunch and Exhibition Break

Michael DeNicola

Supervisory Special Agent, FBI

The Shape Shifters: The Rise and Reinvention of Business Email Compromise Attacks

To enhance your learning experience, we invite you to join one of the ten tables for this collaborative session co-moderated by a CyberEdBoard member and an esteemed security leader.

Tom Field, senior vice president of Editorial at ISMG, will kick off the session with a fictitious security scenario. Each group will receive identical sets of questions and work collaboratively to find the answers. As the exercise progresses, new information will be revealed, adding unexpected twists and turns to the scenario. Through this dynamic approach, participants will be challenged to apply critical thinking and work as a cohesive team to effectively respond to the evolving situation. Our goal is to provide a stimulating and engaging learning experience that equips you with the skills and knowledge needed to handle real-world security scenarios.

Michael DeNicola, Supervisory Special Agent, The FBI New York Office, Cyber Branch

Rocco Grillo

Managing Director, Alvarez & Marsal

Peter Halprin

Partner, Pasich LLP

Anahi Santiago

CISO, ChristianaCare

John Frushour

Vice President, & CISO, NewYork-Presbyterian Hospital

Anatomy of a Business Email Compromise Attack and Their Mutations (and Why They Continue to Be Successful Today)

Through a combination of small group discussions, expert attendees will work through the life cycle of a business email compromise, BEC, attack.

What does participation in the Solution Room look like?

To enhance your learning experience, we invite you to join one of the ten tables for this collaborative session. Tom Field, senior vice president of Editorial at ISMG, will kick off the session with a fictitious BEC scenario. Each group will receive identical sets of questions and work collaboratively to find the answers. As the exercise progresses, new information will be revealed, adding unexpected twists and turns to the scenario. Through this dynamic approach, participants will be challenged to apply critical thinking and work as a cohesive team to effectively respond to the evolving situation. Our goal is to provide a stimulating and engaging learning experience that equips you with the skills and knowledge needed to handle real-world BEC scenarios.

Rocco Grillo, Managing Director, Alvarez & Marsal 

Peter Halprin, Partner, Pasich LLP 

Anahi Santiago, CISO, ChristianaCare 

John Frushour, CISO, NewYork Presbyterian Hospital 

Networking and Exhibition Break

Phillip Englert

VP Medical Devices Security, Health ISAC Inc

Suzanne Schwartz

Director for Strategic Partnerships & Technology Innovation at the Center for Devices and Radiological Health, FDA

Medical Device Cybersecurity: Essential Regulatory Updates and Developments

The briefing will be followed by a panel discussion with esteemed expert Phil Englert, vice president of medical devices security at the Health Information Sharing and Analysis Center. Together, they will explore the implications of the FDA’s enhanced authority and explore emerging threats and challenges facing the medical device industry.

Key Discussion Points:

  • Vetting Cybersecurity in Pre-Market Submissions: Attendees will gain insights into the FDA’s “refuse to accept” policy, set to take effect on October 1, and its impact on ensuring early consideration and mitigation of cybersecurity risks during the development phase.
  • Implications for Device Makers and Healthcare Entities: Understand the necessary adjustments required to meet the enhanced cybersecurity requirements and ensure patient safety.
  • Emerging Cyberthreats and Challenges: Insights and strategies to address these evolving risks, empowering attendees to proactively protect patient privacy and the integrity of medical devices.

Join us for this thought-provoking session, which aims to equip stakeholders with the knowledge and tools necessary to navigate the evolving landscape of medical device cybersecurity and safeguard the future of healthcare.

Phillip Englert, VP Medical Devices Security, Health ISAC Inc

Suzanne Schwartz, Director for Strategic Partnerships & Technology Innovation at the Center for Devices and Radiological Health, FDA

Oren J Falkowitz

Security Officer, Cloudflare

You’re Going to Need a Bigger Boat-the Reality of Phishing

Oren J. Falkowitz lifts the lid on the recent evolution of sophisticated methods of phishing and the impact it is having, citing odd horror stories along the way. By analyzing some of these incidents, the workshop also provides techniques and methodologies to protect against these attacks, overviewing the role of your security incident response team and forecasting what future phishing attacks may present.

Oren J Falkowitz, Security Officer, Cloudflare

David Holtzman

Principal , HITPrivacy LLC

Enhancements to the HICP Guide: Safeguarding Healthcare Cybersecurity

It now encompasses the top 10 cybersecurity practices that are highly pertinent and cost-effective in mitigating the prevailing cybersecurity threats faced by the healthcare industry.

During this informative session, we will delve into the following crucial areas of focus:

  • Unveiling the New Topics and Changes: Discover the pivotal updates introduced in the HICP guide and understand why they hold immense importance for healthcare CISOs and their teams.
  • Navigating the Latest Cybersecurity Challenges: Discover practical strategies for implementing these practices to safeguard your organization’s sensitive data.
  • Achieving Regulatory Compliance and Avoiding Penalties: Gain a deeper understanding of how adherence to these practices can provide a safe harbour to protect your organization from regulatory fines and penalties in the event of a cybersecurity incident compromising health information.

We are grateful for the generous support of this presentation, made possible by a grant from the Cyber Trust Alliance.

David Holtzman, Principal, HITPrivacy LLC

Closing Comments

Don’t miss your chance to attend this dynamic impactful event

#ISMGSummit

@ISMG_News

Our Sponsors

The Summit Experience

CPE Credits

Our Summits offer Continuing Education Credits. Learn informative and engaging content created specifically for security professionals.

Upcoming ISMG Events

October 12, 2023

Test Like a Hacker: Put Offensive Cybersecurity into Your Build Process

October 17, 2023

Cybersecurity Summit: Financial Services

November 9th, 2023

Engage: Government

October 17, 2023

Cybersecurity Summit: Financial Services

October 4th, 2023

Your Most Important Asset: Data - Is It Really Secure?

Upcoming ISMG Events

October 12, 2023

Test Like a Hacker: Put Offensive Cybersecurity into Your Build Process

November 9th, 2023

Engage: Government

October 17, 2023

Cybersecurity Summit: Financial Services