Day 2- Thursday, September 14th

7:30 AM - 8:10 AM Networking Breakfast

Opening Keynote

8:10 AM - 8:50 AM Model Driven Security: Security Professionals Need to Learn Data Science

Jim Routh, Chief Security Officer , Aetna


Over two years ago, Jim Routh hired a highly talented chief data scientist and asked him to pull together data from multiple sources in a big data environment to better understand where to allocate scarce resources. While he was building out the infrastructure an interesting thing happened, Jim noticed multiple implementations of machine learning applied to frontline security controls having significant success with very few problems. He subsequently realized that model driven security had arrived except it was being deployed at the frontline of online security controls instead of the backend according to the original plan. This likely represents the evolution of the security professional to data scientist. Jim will discuss the talent management implications of model driven security.


img

Jim Routh

Chief Security Officer
Aetna

Plenary Session

8:55 AM - 9:25 AM Are You Sick of Digital Transformation? Here’s How to Cure it - - or at Least Make it Work for Security & Privacy

Tony Douglas, Regional Director,
Every healthcare organization’s IT department is busy chasing its tail around some number of “digital transformation” projects. This is happening even while breaches increase, ransomware expands and more projects are initiated with the same people doing the work. If healthcare wants to transform itself with digitalization and automation - - it better start with security, since everything else is about information and information technology.

Key Take Aways:

•Shortcomings in organizational culture are the biggest barriers to “digital transformation” or success in the digital age

•While risks must be understood and managed, healthcare as an industry must become less risk averse and be able to better calculate risks - - whether in security strategy or population health processes

•Siloed mind-sets and a failure to instil accountability in the right place have long tormented healthcare, but this cannot continue if we want to make healthcare secure and truly transform the industry in terms of automation, digitization, IoT, remote care and all the promise of information and information technology


Tony Douglas

Regional Director

9:30 AM - 10:00 AM Business Meeting

10:00 AM - 10:30 AM Business Meeting

10:30 AM - 10:45 AM Networking Break

BrainWeave B

10:45 AM - 11:30 AM The Bus Factor: Future-Proof your SOC

Rishi Bhargava, Co-Founder & VP Marketing, Demisto
Will your hard-earned security posture survive if you get hit by a bus?

Keeping up with the challenges of alert fatigue, a shortage of skilled staff, and lack of documented security processes is difficult enough. But how would your security posture stack up if you suddenly died?

This so-called bus factor is something every SOC team should consider, as they must constantly modify and improve their response to attacks, even in worse-case scenarios.

Attend this discussion to learn how Flatiron (a healthcare technology and services company focused on accelerating cancer research) mitigates their security risk via knowledge management within a security orchestration platform.

By implementing a consistent and documented incident management process, all knowledge acquired is kept within the product for future reference. Flatiron eliminates uncertainty and empowers their workforce with security answers that every analyst can now access. Having such a “force multiplier” effect helps the healthcare company retain talent, reduce burnout, and mitigate the all-important bus factor.

Benefits from implementing a comprehensive security orchestration platform include:

•An overall hardened security posture,
•Enhanced analyst productivity (from Tier 1-3), and
•Future-proofed security operations

img

Rishi Bhargava

Co-Founder & VP Marketing
Demisto

Master Class B

10:45 AM - 11:30 AM NextGen Endpoint Defense and What You Need to Know!

Explore a fundamentally different approach to Endpoint Protection: Real-time protection against advanced threats driven by machine learning and intelligent automation.
This session covers why the endpoint is at the center of almost every breach and according to the trends that fact will not change. In the end executives should be armed with the information to move forward (or not) with a "NextGen" endpoint solution.
In this session:

•Explore the current state of endpoint defense software why those approaches are sinking faster then the titanic.
•Review quick debunking of the magic that is machine learning

• Live demonstration and deconstruction of ransonware attack


Session/Panel

11:35 AM - 12:05 PM Changing the Paradigm on US National Critical Infrastructure Cybersecurity

Ronald Banks, Director of Information Security, Risk, and Governance , Abbott
The Healthcare Sector is just one of 16 US critical infrastructure sector that must work together and with the US government to effectively defend cyber threats. In recent years, cyber threats have shifted their focus to the healthcare sector, and yet the sector is years behind in developing the capability to contend with the threat. The US government too has an obligation to protect the nation against the threat, yet the partnership between public and private security efforts are not effective to thwart this threat. The session dives into the development of a new national strategy to partner together to deter and defeat the threat.

img

Ronald Banks

Director of Information Security, Risk, and Governance
Abbott

Ignite Session

12:05 PM - 12:30 PM Ignite Sessions: Cyber Security in Healthcare

Steve Leatherman, Managing Director, Healthcare at BlackRidge Technology, BlackRidge
Two Quick Fire Presentations in 20 Minutes. Talk about getting to the crux of the matter, fast!

Topics Include:

•Reduce Risk and Improve Patient Care with a New Approach to Cyber and IT Security- Speaker Steve Leatherman, Managing Director, Healthcare, BlackRidge Technology

•Sending it to the Clouds: Potential Healthcare Data Security Issues- Speaker Marianna Prodan, Senior Product Marketing Manager- Healthcare, Accellion




img

Steve Leatherman

Managing Director, Healthcare at BlackRidge Technology
BlackRidge

12:30 PM - 1:30 PM Networking Lunch

1:30 PM - 2:35 PM Four Most Dangerous Security Holes in Your Mobility Policy

Thomas Moore, Sales Director for South Central , Skycure
Hackers are finding new ways to steal data and infiltrate healthcare organizations daily. A number of trends are driving the need for mobile threat defense, including the ubiquity of mobile devices among doctors, nurses and patients, BYOD, and the rise of cyber attacks. Attend this roundtable session to discuss the best practices on how to avoid mobile attacks and secure both BYO and corporate-owned devices. The session will also include a live interactive demo of an ethical hack in which the discussion leader will hack any iOS or android device in less than 60 seconds. Dare to participate?


img

Thomas Moore

Sales Director for South Central
Skycure

1:30 PM - 2:35 PM Hardening Cloud Security while Speeding Up Operations

Richard Eisenberg, VP of Client Development , Cloudvisory

img

Richard Eisenberg

VP of Client Development
Cloudvisory

2:40 PM - 3:10 PM Business Meeting

3:10 PM - 3:40 PM Business Meeting

BrainWeave C

3:45 PM - 4:30 PM The Rise of Cybercrime as a Service: Which Threats Should We Address First?

Kevin Flynn, Director of Worldwide Product Marketing, Skybox Security
This session will cover what's been driving the shift to distributed cybercrime, how to align your vulnerability management with real-world threat behavior, and what intelligence and tools are needed. Monetarily motivated attacks are by far the most prevalent cyber threats to organizations worldwide, yet vulnerability management techniques have largely failed to adapt to a threat landscape dominated by distributed crimeware. By understanding the commercialization of attack tools and services - particularly the vulnerabilities they use, re-use and share - vulnerability management can focus on the small subset of vulnerabilities that are exploited in the wild and packaged in distributed crimeware. This threat-centric approach improves vulnerability prioritization and focuses remediation on the relatively small number of exploitable vulnerabilities, greatly reducing risk through efficient, intelligent processes.
In this session:

•What's been driving the shift to distributed cybercrime

•How to align vulnerability management with real-world threat behavior

•The intelligence and tools needed

img

Kevin Flynn

Director of Worldwide Product Marketing
Skybox Security

MasterClass C

3:45 PM - 4:30 PM Threats in a Connected Healthcare World

Rob Bathurst, Managing Director for Healthcare and Life Sciences, Cylance Inc.
Cybersecurity in the healthcare industry is often fraught with technological misunderstanding and a lack of institutional knowledge about organizational attack surfaces. Attackers use this misunderstanding to find intrusion avenues that may not be protected via already deployed enterprise security solutions.

This talk will cover an overview of healthcare security risks, threats, attack avenues and approaches for defending patients, their records and your systems.


Rob Bathurst

Managing Director for Healthcare and Life Sciences
Cylance Inc.

4:30 PM - 5:00 PM Business Meeting

5:00 PM - 5:30 PM Business Meeting

5:30 PM - 6:00 PM Business Meetings/Networking Break

Session/Panel

6:00 PM - 6:45 PM Developing a Security Culture within Healthcare

Cliff Donathan, Sr. Director Information Security, Experian Health
Corporate culture comes up frequently in conversation. In this session, examine the effect of culture on cyber security. Corporate culture rather than technology may be what saves healthcare in the event of an attack. Take a deeper look at making security a team sport and play to your organization’s strengths.

•Developing intuitive security awareness

•Fitting the security program into existing culture

•Building diversity into your security team


Cliff Donathan

Sr. Director Information Security
Experian Health

6:45 PM - 6:45 PM Networking Cocktail Reception