Agenda

Date and Time	Title
Sep 29, 2022 9:10am - 9:40am (Pacific)	Opening Briefing with Elvis Chan of the FBI
Sep 29, 2022 9:40am - 10:25am (Pacific)	Opening Security Keynote with ExtraHop: It’s Not Killware That Will Get You - The Real Four Horsemen of the Cybersecurity Apocalypse There’s no lack of sensationalist headlines within cybersecurity, not to mention within healthcare. The latest hair-raising headlines making the rounds of both trades are on the topic of “killware,” malware that’s intended to directly cause harm and take lives. At this point, the media attention seems to be driven more by hysteria than reality. However, the root cause of the concern has merit. Cybersecurity within healthcare is of genuine concern and poses significant risk to patients if current trends continue. In this presentation, VP of Security Response Services at ExtraHop and former healthcare CISO, Mark Bowling, will share four of the greatest forces compromising the cybersecurity of the healthcare sector, as well as strategies to combat them.
Sep 29, 2022 10:25am - 10:45am (Pacific)	Darktrace Presentation: Protecting Healthcare with AI-Powered Autonomous Response Cyber-attacks targeting the healthcare industry have been prolific in recent years. Operating at full capacity while combatting fast-moving threats such as ransomware, many organizations have turned to new methods of protecting their organizations. Join John Allen, VP of Risk and Compliance at Darktrace, to discuss the challenges of prioritizing and managing cyber risk using predictive AI technologies. This session includes real-life case studies of crypto-mining and ransomware and how AI was used to detect each stage of the attack and autonomously respond.
Sep 29, 2022 10:45am - 11:10am (Pacific)	Reciprocity Presentation: Hackers Don’t Care if You’re Compliant! The Right Conversation to Mitigate Cyber Risk! 67% of healthcare organizations have experienced significant security incidents in the past twelve months.1 This rise in cyberattacks combined with NIST’s first updated guidance on healthcare cybersecurity in over a decade means you need to take action. Unfortunately, the conversation we’ve been having around cyber risk is the wrong one. The right conversation is centered on business priorities and the company’s appetite for risk so informed investment choices can be made to defensibly protect your company as it operates, grows and expands. Join us to discuss how to shift from “how” you protect to “how well” you protect, implement best practices for risk assessment and mitigation and how to deliver better outcomes with less effort. By attending this session you will learn: Why “how” you protect must shift to “how well” you protect How to tie align InfoSec activities to business priorities New approaches for reducing cyber risk across life sciences and healthcare Why automation is the way to deliver better outcomes with less effort
Sep 29, 2022 11:10am - 11:30am (Pacific)	Tenable Presentation: Security Beyond Ransomware: Strategies for Healthcare and Pharma InfoSec Teams Ransomware has dominated cybersecurity news reports for several years now, but it’s not the only threat organizations are facing today. More and more, organizations are adopting new technologies and services while still needing to maintain existing infrastructure, systems, devices and applications. With growing complexity comes an ever-increasing challenge to understand where we are most at risk and determine how best to mitigate it. In this discussion, we’ll look at what the growing attack surface looks like for many healthcare and pharma organizations and provide strategies for adapting your security program to better understand where vulnerabilities exist across all the various types of assets in your environment and how to mitigate them before the next cyberthreat comes along.
Sep 29, 2022 11:30am - 12:15pm (Pacific)	Panel 1: Evolving Cyber and Privacy Risks in a COVID-19 World This panel will discuss: How COVID-19 has shifted the cyber threat landscape The compliance risks that come into play as organizations adapt their systems and processes to meet needs during the pandemic Privacy as a partner, instead of prevention
Sep 29, 2022 12:15pm - 12:35pm (Pacific)	Forescout Presentation: Exploring a Zero Trust Architecture in the Healthcare Industry – How to get started and pitfalls to avoid Digital transformation in the Healthcare industry is causing an explosion of hyper-connected IT, IoT and IoMT devices and, with it, a greatly expanded cyber-attack surface. With constant transformation and the explosion of interconnected devices, how do you even begin to plan for a zero trust architecture beyond the managed users and workstations? In this session you will learn: How NIST defines Zero Trust and their 7 steps to get there. Some of the common pitfalls to avoid. Why Zero Trust doesn’t stop at managed users and workstations – IoMT devices must be included in the architecture planning up-front.
Sep 29, 2022 12:55pm - 1:45pm (Pacific)	Panel 2: The Healthcare & Pharma Breach - Who's the more prominent target, the patient or the company? This panel will discuss: Who are the VAPs (very attacked people), and why are they being targeted? Top insider threat risks Healthcare organizations face in 2022 Analysis of the Top Healthcare Breaches of 2021 State-specific Privacy Rules, GDPR, and proposed changes to the Privacy Rule – How will this affect the landscape of future breaches?
Sep 29, 2022 1:45pm - 2:00pm (Pacific)	Sevco Presentation: Security Starts with Comprehensive Asset Intelligence
Sep 29, 2022 2:00pm - 2:20pm (Pacific)	ManageEngine Presentation: How To Secure Healthcare Organizations In The Era Of Digital Transformation The IT network of a healthcare organization is markedly different from that of other organizations. While the industry has quickly adopted new technologies such as telemedicine, wearables and big data, it is still plagued by security challenges due to legacy equipment and shortage of IT staff. In this 20-minute talk, you will hear about these challenges and concrete steps healthcare organizations can take to understand their risk exposure, and thus improve network visibility and security maturity. Agenda: ‌Understanding the state of digital transformation in healthcare Developing network diagrams to know your network Gaining visibility through asset and resource discovery Prioritizing risk after a total risk assessment Identifying security gaps to address Improving security with a next-gen SIEM solution
Sep 29, 2022 2:20pm - 2:40pm (Pacific)	Fortinet Presentation: Cybersecurity Threats and Challenges for Today’s Pharmaceutical Companies As pharmaceutical companies increasingly digitize data and store it online, they become more susceptible to pharmaceutical cyberattacks. While the industry is comprised of a number of sub-industries with different business models and technology needs, they all must control extremely sensitive and valuable information and ensure an effective security framework. Drug and device manufacturers and biotech companies retain proprietary data ranging from secret formulas for patented drugs, to patient and customer information, to scientific research and advancements. The industry is being attacked by adversaries adept at exploiting vulnerabilities and carrying out disruptive cyber campaigns. Cyber threats are used by a variety of bad actors with a range of intended system consequences. These attackers are better resourced and more capable of accomplishing disruption than ever before. In addition to hackers seeking financial gain, pharma companies also have to worry about the full capabilities of nation-states or other pharmaceutical companies with state sponsorship. Consequences of a successful breach are dire and may include contaminated drugs, stolen intellectual property (IP), needing to repeat clinical trials, damaged reputation, downtime, litigation, and lost revenue. In this session, we will explore the top threats and challenges pharmaceutical companies must overcome when securing their networks, and what’s driving them.
Sep 29, 2022 2:40pm - 3:30pm (Pacific)	Panel 3: Ransomware - Its Climbing Impact on Healthcare Organizations This panel will discuss: The state of ransomware today: some of the latest cyber threats and cybercriminals’ changing tactics How to identify warning signs and attackers leave trails Creating a well-run security operations center for healthcare systems and data to protect from ransomware
Sep 29, 2022 3:30pm - 3:50pm (Pacific)	Prisma Cloud Presentation: Securing Your Code to Cloud Journey The last few years have brought significant change to how we work. The Pandemic forced many people to work from home or remote locations, cyber-attacks continue to become more aggressive and Russia’s invasion of Ukraine has spawned additional cyber risks. Companies continue to move to the cloud and are making robust investments in applications and infrastructure. This session will address the ever-changing technology and business climate and suggest how to protect organizations in this challenging environment.
Sep 29, 2022 3:50pm - 4:15pm (Pacific)	Abnormal Security Presentation: BEC vs. Ransomware in the Healthcare Industry From CaptureRX to University Medical Center Southern Nevada, ransomware has made headlines for healthcare organizations. But is it the most dangerous threat out there? Join us to hear Crane Hassold, Director of Threat Intelligence at Abnormal Security, discuss the variety of threats in today’s landscape, and why ransomware is only one of your concerns. He’ll answer questions like: – How has the cyber threat landscape changed over the past decade? – What drives threat actors to change their methods and tactics? – Why should stopping business email compromise be at the top of your priority list? – And what will change as new regulations are put in place? With full insight into the past, present, and future of the threat landscape, this presentation will provide you with everything you need to understand what could be targeting your organization next.
Sep 29, 2022 4:15pm - 4:50pm (Pacific)	Closing Keynote with Errol Weiss, CSO of Health-ISAC: Scoping the Cyberthreat Landscape in Healthcare The year 2021 was a challenging one for cybersecurity, with several high-profile compromises that impacted even large and well-protected healthcare organizations. The presentation will cover nation state, cybercrime, and other cyberthreats including hacktivism facing today’s healthcare organizations. Attendees will be provided a copy of the Health-ISAC Annual Cyber Threat Landscape Report, which can be leveraged to influence cybersecurity budget and investment decisions for senior leaders and IT/security practitioners in the healthcare sector. The presentation will conclude with basic recommendations and offer additional resources attendees can use including the full threat landscape report. Learning Objectives: Learn about the top cyberthreats facing the healthcare sector. Leverage the threat landscape report to influence cybersecurity budget and investment decisions. Discover practical steps and resources that attendees can use to improve the cybersecurity posture of their own personal profile and business environments.