Tuesday, September 25

8:00 AM - 8:50 AM Networking Breakfast

8:50 AM - 9:00 AM Chairperson’s Opening Remarks


9:00 AM - 9:40 AM Strengthening Security for All Stakeholders With Evolving Breaches and Emerging Technologies

Cyber security affects the entire healthcare community; no one is immune from a breach. The effectiveness of internal preparedness is vital. Practical risk management is a mind-set. Executives must learn and keep in balance the interests of stakeholders, the mission, asset value and the real impact of an attack. Breaches will happen; the focus needs to be how the organization should minimize disruptions, handle ransomware and other attacks including proactive incident response and business continuity measures. This includes mitigating against chip vulnerabilities such as Meltdown and Spectre. Efforts to automate include integrating emerging technologies with existing security tools and bolstering processes to protect from human errors and insider threats. Executives must convey security is a continued enterprise investment.
In this session:
•Hardening networks from technology and financial standpoints
•Balancing automation and expert human analysis
•Testing incident response and ensuring backup and recovery processes


9:40 AM - 10:10 AM Lessons Learned from Weathering Hurricane Irma

Inclement weather, mass casualties and cyber threats like Wanna Cry have all impacted health systems including clinicians, patients, suppliers and providers. When tragedy strikes, healthcare organizations must be able to maintain operations and provide continuity of care as the community recovers. This case study highlights how careful planning is required for the integrity of information security systems during natural disasters especially when a Level 1 Trauma Center is located in Florida on an island, below sea level. The discussion will explore how the hospital system weathered a hurricane without losing power and without electronic health records going down, as well as practical lessons learned.
In this session:
•Prioritizing and overcoming challenges to the cloud
• Embracing the cloud with full visibility while managing shadow IT
•Identifying gaps and ensuring regulatory compliance through the cloud

10:15 AM - 10:45 AM Business Meetings

10:45 AM - 11:15 AM Business Meetings

Workshop Discussion

11:15 AM - 12:00 PM Creating and Fostering a Culture of Cybersecurity Awareness and Compliance

With the abundance of cyber attacks in healthcare, a robust security culture is vital. A security culture is for humans since computers do exactly what anyone tells them to do. Within the security industry there is a problem of empathy where the victims of the cyber security breaches are punished. The whole world, which utilizes security systems, needs to be engaged to have truly effective security. A sustainable security culture is larger than a single security incident. In this session, explore establishing a positive security culture with new systems of collaboration and communication.
•Planning long term with staff development and culture awareness
•Improving understanding to encourage investment in security
•Providing a persistent and sustainable security culture that interacts and influences at all levels
•Widening talent searches outside of IT

12:00 PM - 12:30 PM Chairperson’s Closing Remarks