Agenda

Date and Time	Title
May 1, 2025 10:30am - 5:00pm (Eastern)	Exhibitor Hall open Your opportunity to visit our solution vendor and association partners, whose sponsorship makes SecureWorld possible! Peruse the many downloadable resources each booth has to offer.
May 1, 2025 11:00am - 11:42am (Eastern)	[Opening Keynote] Google's Visibility into the Healthcare Cyber Threat Landscape This presentation will provide insight into the current cyber threat landscape affecting healthcare organizations, powered by Google’s leading visibility across a range of industries and regions. It will outline trends and operations by notable adversaries such as China and Russia, and the threat they pose to organizations, including critical enterprise deployments such as cloud platforms. It will also feature analysis of artificial intelligence (AI), and the challenges and opportunities its maturation poses to healthcare organizations. The presentation will conclude with practical guidance healthcare organizations can use to improve their cyber defenses and enterprise resiliency.
May 1, 2025 12:00pm - 12:32pm (Eastern)	Behavioral Profiling Approach to Ransomware Defense in Healthcare This session explores a critical but often overlooked dimensions of ransomware: Understanding ransomware threat actor behavior and group dynamics. Unlike many cyberattacks, ransomware attacks actively engage victims—revealing offender behaviors and decision-making while under pressure. This talk delves into: - Behavioral profiling of ransomware adversaries - Group dynamics and negotiation behavior during ransomware incidents - How cognitive biases and heuristics impact decision-making under time compression and uncertainty - Strategies to anticipate and counter adversary tactics through behavioral science In a threat landscape where ransomware attacks are becoming more tailored and manipulative, understanding the psychology of cyber attackers is no longer optional—it’s essential.
May 1, 2025 12:00pm - 12:36pm (Eastern)	[Fireside Chat] Using DNS to Secure Healthcare Systems from Sophisticated Cyberattacks Healthcare is under siege. In 2024 alone, the U.S. Department of Health and Human Services reported 598 major breaches due to cyberattacks—and 2025 is on track to be just as severe. The rapid expansion of connected devices—spanning traditional IT, IoT, and IoMT—has dramatically increased the attack surface, leaving healthcare organizations vulnerable to ransomware, data exfiltration, and disruptions that can impact patient care and erode public trust. DNS is a critical yet often overlooked security control to preemptively stop cyberattacks. But what are the considerations? What does success look like? Join this fireside chat with Krishna Tangirala from Temple University Health System and Tom Grimes from Infoblox to gain insights into best practices to secure healthcare systems. We’ll explore: Preemptively Thwart Threat Actors: Detect and block ransomware, phishing, and C2 communications using DNS Identify Compromised Devices: Identify devices and users that are the source of malicious activity to reduce Mean Time to Response (MTTR). Block Data Exfiltration: Prevent sensitive information from being siphoned off by cybercriminals via DNS tunneling. Protect Brand and Reputation: Detect and take down lookalike domains to safeguard reputation. See and Secure Everything, Everywhere: Comprehensive DNS-layer security to protect every device—PCs, servers, printers, healthcare IoT/OT machines, mobile devices—regardless of hardware, OS, or location. * Reference: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
May 1, 2025 12:00pm - 12:41pm (Eastern)	Futureproof Your Healthcare Organization Against Tomorrow’s Threat Landscape The human element is at the center of most cyberattacks, putting patients, and their personal data, at constant risk. Impersonation attacks, credential theft, and ransomware campaigns disproportionately target healthcare organizations due to the fast-paced nature of clinical work and the high value of protected health information (PHI). Your people have limited time to verify email legitimacy or other communication encounters. Join this 45-minute live discussion with Proofpoint to explore how a human-centric cybersecurity platform can safeguard your clinicians, staff, and patients against today’s most advanced threats. You’ll gain insights from new healthcare threat intelligence research and discover practical strategies to strengthen your defenses. We will explore: The prevalent cyberattacks experienced by healthcare companies New research on where we have observed healthcare’s Very Attacked People (VAPs)—and where to prioritize your threat prevention efforts and mitigate these risks How a multi-layered, adaptive email security service stops credential phishing, Business Email Compromise (BEC), ransomware, and other social engineering attacks in real time Best practices for deploying AI-driven email security to stop human-centric threats, prevent costly breaches, and enhance patient trust
May 1, 2025 12:00pm - 12:39pm (Eastern)	AI-Enhanced SOC Operations: Real-Time Compliance and Threat Management
May 1, 2025 1:00pm - 1:51pm (Eastern)	Hacking a Multi AI Agent System: How to Protect Patient Data in AI Applications In this session, we’ll go over the code for a multi AI agent system that operates over patient data. We’ll go over what makes it insecure, demo exploits, and then take a look at how to mitigate these threats.
May 1, 2025 1:00pm - 1:29pm (Eastern)	Mapping Healthcare Risks: Medical Device Exposures Trends This session will provide an in-depth analysis of the current landscape of medical device exposures, leveraging insights from global scans and data trends. Attendees will explore the evolving attack surface in the healthcare sector, gain visibility into prevalent vulnerability trends, and uncover actionable strategies to enhance their cybersecurity posture. Designed for healthcare security executives, this session equips organizations to identify and prioritize exposure risks, ensuring patient safety and organizational resilience in the face of emerging threats.
May 1, 2025 1:00pm - 1:36pm (Eastern)	Zero Trust Is a Good Start—Continuous Adaptive Trust Is the Goal Legacy network security models that assume a rigid perimeter and implicitly trust everything inside are vulnerable to attack. Unfortunately, this describes the state of many health care systems today. Because so many people with differing roles interact with healthcare data, zero trust principles can mitigate such vulnerabilities and bring health care systems into the modern age. However, zero trust principles are only a starting point. Ultimately, some trust must be extended or nothing happens. Context-aware continuous adaptive trust offers more flexibility than simple binary allow-or-block decisions. Context can change, so it should be continuously evaluated, which might require adapting the level of trust. By balancing trust against risk, well-secured health care systems can match the type of access to the value of protected information assets. In this session, you’ll learn the following about zero trust strategies: the prerequisites and goals the importance of signals as a foundation why combining context and content is so effective a high-level framework for implementation
May 1, 2025 1:00pm - 1:45pm (Eastern)	Harnessing the Strengths of Neurodiversity in Cybersecurity Neurodiversity. What is it, what are the traits, and why are people with these traits attracted to the cybersecurity fields? Rick Doten has managed technical cybersecurity staff for more than 25 years. He’s observed how we have special skills and abilities to perform the work we do; things like identifying patterns, spotting anomalies, learning new information quickly, troubleshooting, and being able to hyperfocus on a tasks until they’re resolved. Rick highlights how some traits help you naturally be good at some cybersecurity roles. This has been a special interest of Rick’s for the last couple years, and he have taken dozens of hours of clinical training to become a certified clinical specialist in Autism and ADHD. He discusses topics such as executive functions, which are the cognitive skills that regulate emotions, impulse control, attention, time management and others, how to manage focus and distractions, and what motivates people. He’ll talk about accommodating these executive functions, how to better gain motivation and focus, and even how people with neurodiversity can be better in interviews. Rick provides techniques, tools, and even apps to help people with neurodiversity be more productive and successful. He lists apps and life hacks to help initiate tasks, manage time, working memory, and reduce procrastination. Rick’s goal is to celebrate how it’s okay that we are different, because the cybersecurity community is a tribe of neurodivergent people who accept, support, and encourage each other.
May 1, 2025 2:00pm - 2:42pm (Eastern)	Secure and Explainable AI in Healthcare Healthcare technology organizations are quickly adopting AI solutions to enhance clinical processes, patient engagement, and operational efficiency. Technology and cybersecurity leaders must embrace the challenge of securing AI solutions while maintaining ethical integrity and regulatory compliance. This session offers a step-by-step blueprint for designing, deploying, and sustaining AI systems in a secure, ethical, explainable, and compliant manner. Drawing on case studies, you will learn about proven strategies for integrating cybersecurity, privacy, and regulatory controls for ethical and explainable implementation of AI solutions in the healthcare industry.
May 1, 2025 2:00pm - 2:42pm (Eastern)	From an Army of One to an Army of a Ton: Creating an Effective Security Awareness Program The human element of security is one of the most difficult to predictand therefore to secure. Additionally, one of our biggest challenges is building a security awareness program for those who may have never been subjected to one by understanding the aversion to buying into the security program. We have great written resources and guidance from things like NIST 800-53, but it’s much more challenging to overcome the sociological elements of the human factor that prevent success of security-aware cultures, such as aversion to technology, fear, uncertainty, doubt, and simply non-malicious human error. As security professionals, we may lose sight of the fact that the professionals we support also have other jobs. So learning and focusing on security controls can be stressful and daunting. Incorporating change management methodologies rooted in the psychology of human behavior, such as ADKAR (Awareness, Desire, Knowledge, Ability, and Reinforcement), can assist us as security professionals in facilitating more impactful cultural change through understanding why employees we support act and react the way they do and what other environmental or social factors may influence their decision-making and thought processes. It can also help us gain buy-in from our leadership, nudging from the bottom up, while leading by example from the top down. The ADKAR change model has been proven to help individuals understand and accept change so companies can successfully innovate and become more efficient. As security professionals, we have to be conscious that security program costs contribute to the rising costs of healthcare, goods, and services. And we often have to find unique and strategic ways to ingrain ownership of security functions within other departments to augment our limited resources. Building a security ambassador program using these change facilitation concepts will help drive cost-effective ownership of the security program throughout the entire organization, creating a deeper business resilience, reducing risk, and truly leading by example—proving we are stronger together.
May 1, 2025 2:00pm - 2:40pm (Eastern)	Defend and Recover: How MHXDR Shields Healthcare from Its Most Visible Threats Healthcare is under siege—not only from ransomware, but from the systemic complexity that undermines fast, effective cyber defense. Traditional detection tools leave healthcare systems blind to gaps, siloed in response, and slow to adapt. It’s time for a shift. Join Blackwell Security for a strategic dive into Healthcare-Specific XDR (MHXDR) and how tailored threat operations create speed, precision, and resilience in the face of relentless threats. This session will explore how our Helix threat operations team and Blackwell Pulse platform work together to unify telemetry, automate triage, and leverage both internal and external threat intelligence—including dark web monitoring—for real-time enrichment and contextual response. We’ll walk through how our Managed Detection & Response (MDR) offering ensures that every alert is relevant, every response is decisive, and every client benefits from collective intelligence. More importantly, we’ll cover how our ransomware resilience layer (Blackwell Aegis) enables near-immediate recovery from attacks that evade traditional EDR, with automated isolation, recovery, and response—because in healthcare, delays cost lives. Whether you’re a CISO or security architect, this session will offer a pragmatic view of how to prevent what you can, respond faster when it counts, and recover without the chaos.
May 1, 2025 2:00pm - 2:59pm (Eastern)	[Panel] The Current Threat Landscape in Healthcare Join us as we dive into several of the top concerns in Healthcare. From deep web cards to BECs, ransomware, and more! Bring your questions for the panel.
May 1, 2025 3:00pm - 3:44pm (Eastern)	HIPAA's Digital Evolution: Understanding the 2024 Security Rule Overhaul The healthcare industry stands at the threshold of its most significant cybersecurity transformation in over a decade with the December 2024 HIPAA Security Rule update. This presentation unpacks the sweeping changes proposed in the Office of Civil Rights’ 330+ page Notice of Proposed Rulemaking, highlighting how these modifications will reshape healthcare cybersecurity practices. At its core, the update eliminates the ambiguous “addressable” implementation specifications that have long allowed healthcare organizations to sidestep crucial security measures. The new rule mandates specific security controls including bi-annual vulnerability scanning, annual penetration testing, encryption requirements, multi-factor authentication, and network segmentation. We’ll explore how these changes reflect the evolution from paper-based records to today’s digital healthcare ecosystem, and why traditional compliance approaches will no longer suffice. The presentation will detail practical implications for healthcare organizations, including new documentation requirements, specific timeframes for access management, and enhanced backup and contingency planning protocols. Whether you’re a healthcare administrator, IT professional, or compliance officer, understanding these forthcoming requirements is crucial for maintaining HIPAA compliance and protecting patient data in an increasingly complex threat landscape.
May 1, 2025 3:00pm - 3:45pm (Eastern)	[Panel] Challenges in Healthcare Leadership Healthcare information security leadership faces a dynamic and intensifying threat landscape. This panel of experts will address critical challenges, including escalating ransomware attacks, stringent privacy regulations, and the complexities of managing insider threats. Discussions will explore strategies for mitigating risks associated with third-party vendors, addressing staffing shortages in cybersecurity, and finding downtime to recharge. Panelists will share insights on balancing patient safety with data protection, navigating compliance requirements, and building resilient security programs in an increasingly interconnected healthcare environment.
May 1, 2025 3:00pm - 3:51pm (Eastern)	Cyber Intel Briefing: Healthcare
May 1, 2025 4:00pm - 4:45pm (Eastern)	[Closing Keynote] Cyber-Resilient Remote Access for Healthcare Workers How to get remote healthcare workers back online from any outage in minutes. Healthcare is under assault from ransomware and other AI-enhanced threats. Healthcare IT leaders especially struggle to get large populations of remote workers back online in the wake of a cyberattack or other downtime event. A slow recovery of the remote workforce can expose your institution to crippling revenue losses, compliance penalties, and loss of productivity. How valuable would it be to empower your remote workers to get themselves back online after a cyberattack or other outage, without IT intervention, in a matter of minutes? That kind of cyber resilience is exactly what leading healthcare institutions are deploying for their remote workers: the ability for any employee to restore their computer from a ransomware attack or other outage with push-button simplicity in a few minutes. In this session, we will: Examine the range of cyberthreats confronting the healthcare industry, including new AI-enhanced ransomware attacks Provide a practical, real-time demonstration of how Acronis Cyber Protect enables One-Click Recovery for remote healthcare workers, enabling them to recover their own computers from any outage in a matter of minutes without IT intervention Examine how Acronis can provide additional cyber resilience across your institution with EDR, Active Protection against ransomware, HIPAA-compliant disaster recovery and more Cybercriminals understand the life-and-death pressures on healthcare organizations to protect uptime and sensitive data, which makes the industry one of their favorite ransomware targets. Generative AI tools like ChatGPT are further improving the ingenuity and scale of these attacks. The probability of a successful ransomware or other cyberattack against your institution is only going up. Get ahead of this threat today by strengthening the cyber resilience of your remote workforce. Join this session to learn how you can enable remote healthcare workers to quickly, reliably and simply restore their computers in minutes after any outage.