In 2025, healthcare security leaders face unprecedented pressure. With the Change Healthcare breach fallout still looming, adversaries are refining tactics – using ransomware, AI deepfakes and third-party vulnerabilities to exploit gaps in identity systems, medical devices and cloud infrastructure. Meanwhile, states like New York are mandating stronger protections and response requirements, signaling decentralized cybersecurity oversight. The 2025 Healthcare Security Summit unites CISOs, technology leaders and officials to tackle this threat landscape, from digital identity and OT security to continuity planning, AI-driven detection and supply chain defense, equipping leaders to build lasting resilience.
View our ISMG Event Experience video to see what your peers are saying about their participation.
270 W 43rd St, New York, NY 10036
NOTE: All requests to attend will be reviewed by event staff and approved based on professional qualifications and event capacity.
Dr. Suzanne Schwartz, MD, MBA, is the director of the U.S. Food and Drug Administration’s Office of Strategic Partnerships and Innovation within the agency’s Center for Devices and Radiological Health, which among other responsibilities, is tasked with formulating the FDA’s medical device cybersecurity policy. She also has served as co-chair of the Government Coordinating Council for the healthcare and public health critical infrastructure sector.
ISMG Summits bring the foremost thought leaders and educators in the security space to the stage, at interactive workshops and networking events. Learn from the who’s who in the cybersecurity industry, passionate about the latest tools and technology to defend against threats.
Hospitals alone produce an average of 50 petabytes of data each year, encompassing electronic health records, medical imaging, genomic data and information from wearable devices. This rapid expansion presents significant security, privacy and compliance challenges for healthcare organizations. As the volume of health data continues to grow, projected to reach a 36% compound annual growth rate by the end of this year, it becomes imperative to implement robust strategies to manage and protect this sensitive information.
Key Takeaways:
Anirudh Kannan, CISO Advisor, Health Care and Life Sciences, Google Cloud
Rob Suarez, CISO, CareFirst BlueCross BlueShield
Jigar Kadakia, CISO, GeneDX
James Rutt, CIO/CISO, The Dana Foundation
Mike Nelson, VP, Digital Trust, DigiCert
Adversaries can strike through any number of endpoints, quishing attacks, or the software supply chain.
These risks play out daily in hospitals, doctor’s offices, and ambulances. Is your organization ready to defend and remediate cyber incidents? Is your incident response plan formalized?
This session explores newly released data from the 2025 LevelBlue Spotlight Report: Cyber Resilience and Business Impact.
Attend this session to learn:
Theresa Lanowitz, Chief Cybersecurity Evangelist, LevelBlue
Scott Gee, Deputy National Advisor for Cybersecurity & Risk,
American Hospital Association
Verizon’s latest DBIR report found the share of data breaches involving third-party suppliers doubled in 2024. This session will explore the evolving third-party risk landscape in healthcare and provide actionable strategies to enhance vendor oversight and integrate third-party risk management into your overall cybersecurity program.
Vince Crisler, Former White House CISO, CISO, Celerium
Attackers are increasingly using AI-driven automation and advanced evasion techniques to bypass traditional defenses, with account takeover and business logic abuse becoming key tactics. This session delivers timely insights from Radware’s Cyber Threat Intelligence data, offering a focused look at how threat actors are adapting their methods to exploit healthcare-specific technologies. CISOs and security leaders will walk away with actionable strategies to strengthen defenses, protect critical services, and stay ahead of emerging attack trends.
Learning Objectives:
Chip Whitt, Principal Security Evangelist, Radware
Agentic AI is poised to become your largest digital workforce, operating autonomously, and introducing unique challenges to traditional cybersecurity paradigms. The only way to deploy AI agents safely is to make identity the control plane, giving you the confidence to scale, enforce governance by design, and prove business value fast. Join us to hear a vendor-neutral blueprint, pragmatic guardrails, and best practices for safely implementing Agentic AI.
Jamey Doherty, Senior Sales Engineer, Ping Identity
Key Discussion Points:
Vetting Cybersecurity in Pre-Market Submissions: Attendees will gain insights into the FDA’s expectations for cybersecurity in pre-market medical device submissions to the agency, including what device maker should consider in mitigating cybersecurity risks during the development phase.
Implications for Device Makers and Healthcare Entities: Understand the necessary requirements to meet FDA’s enhanced cybersecurity expectations and ensure patient safety.
Emerging Cyber threats and Challenges: Insights and strategies to address these evolving risks and emerging AI-related issues to empower attendees to proactively protect patient safety, privacy and the integrity of medical devices.
Dr. Suzanne Schwartz, MD, MBA, Director, Director, Office of Strategic Partnerships & Technology Innovation, Center for Devices & Radiological Health, FDA
As adversaries refine tactics—using sophisticated, AI-driven attacks and exploiting third-party vulnerabilities—the traditional, reactive security model is no longer sufficient to secure a decentralized, multi-cloud threat landscape.
In this 30-minute session, we will demonstrate how to move beyond fragmented, siloed security to a unified, strategic fabric. Drawing on proven examples from within the healthcare sector, we will present a new point of view on cloud security. We will show how the Aviatrix Cloud Native Security Fabric (CNSF) provides a foundational network and security layer designed to build lasting resilience across your entire cloud footprint. You will learn how to:
Discover how to take control of your cloud environment, transforming fragmented security into a unified, resilient, and compliant foundation for the future of healthcare.
Tom Davis, VP of Industry Solutions, Aviatrix Systems
Drawing on peer insights from healthcare leaders, Russell shares lessons learned, low-cost strategies, and practical steps to protect patients and strengthen programs. Walk away with real-world ideas you can apply immediately.
Russell Teague, CISO, Fortified Health Security
TonyP will challenge conventional risk assessment practices and unveil how emphasizing real-world exploitability and impact can revolutionize your security approach. Drawing from over 150,000 autonomous pentests, he’ll share compelling stories and actionable insights that reveal how viewing your cyber terrain through an attacker’s lens can uncover hidden vulnerabilities, optimize resource allocation, and fortify your defenses against advanced threats. Don’t miss this chance to learn from a leading industry trailblazer on why it’s time to “go hack yourself” to build resilience in today’s borderless threat environment.
Anthony Pillitiere, Co-Founder, Horizon3.ai
Donald Eckel, CISO, NJ Department of Health
Our panel of regulatory and legal experts will dive into these issues:
Peter Halprin, Partner, Haynes Boone
Sara Goldstein, Partner, BakerHostetler
Jennifer Kreick, Partner, Haynes Boone
RSVP here to attend our events. You can select for multiple or individual tickets.
NOTE: All requests to attend will be reviewed by event staff and approved based on professional qualifications and event capacity.
Our Summits offer Continuing Professional Education Credits. Learn informative and engaging content created specifically for security professionals.
Upcoming ISMG Events