| Date and Time | Title | |
|---|---|---|
| Feb 25, 2026 11:00am - 11:51am (Eastern) | [Opening Keynote] Securing Autonomous Agents: The New Trust Frontier in Healthcare The healthcare and life science industry is transitioning from simple chatbots to Agentic AI—autonomous systems that take action. This shift introduces a systemic vulnerability: the “Agentic Gap.” This session explores the evolution from data theft to logic hijacking. We examine how threat actors target “Shadow Agents” within workflows using indirect prompt injection to manipulate AI decision-making. In this era, attackers may not “hack” systems but rather “convince” agents to bypass instructions. We provide strategic guidance for governing agents and establishing rules of engagement. Attendees will gain a holistic approach to securing autonomous tools, ensuring patient safety as teams are empowered by AI. Learning Objectives:
|  |
| Feb 25, 2026 12:00pm - 12:45pm (Eastern) | Beyond the Link: A Deep Dive into Telegram’s Shadow Economy In the modern threat landscape, a single malicious link is often just the entryway into a sophisticated, multi-layered financial ecosystem. For investigators, the trail doesn’t end at the malware execution; it leads into the increasingly complex world of encrypted messaging platforms that function as their own parallel networks. This session provides a “play-by-play” forensic breakdown of a live cryptocurrency scam investigation. Led by a Network Intrusion Forensics Analyst from the U.S. Secret Service, we will deconstruct the anatomy of an attack from the initial infection vector to the final laundering stages. Attendees will gain insight into:
Join us for a deep dive into the digital underground, where we strip away the layers of encryption to reveal the machinery of modern financial crime. | |
| Feb 25, 2026 12:00pm - 12:43pm (Eastern) | What to Expect Post Incident from HHS OCR Most healthcare entities have to report incidents that impact Protected Health Information to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). What does the initial reporting look like? What comes next? Will HHS OCR have follow-up questions or audit our cybersecurity practices? If so, what will they look for? How do we survive these audits? What are the likely and potential penalties? | |
| Feb 25, 2026 1:00pm - 1:45pm (Eastern) | Pick Your Poison: The Healthcare Leadership Face-Off In the high-stakes world of healthcare cybersecurity, there are rarely perfect solutions—only difficult trade-offs. Join us for an unscripted, high-energy session where top Health Sector leaders face off on the industry’s toughest hypothetical scenarios. Moderated in a rapid-fire game show format, our panelists will be presented with difficult “Would You Rather” choices ranging from ransomware dilemmas and legacy IoT risks to budget constraints and insider threats. They won’t just pick a side; they have to defend it. Attendees will gain a unique window into the minds of security leaders, understanding how they weigh patient safety against data privacy, and operational uptime against regulatory compliance. Come ready to vote on who makes the best case for the worst situations. | |
| Feb 25, 2026 1:00pm - 1:45pm (Eastern) | Speaking the Language of Risk: Bridging the CISO-CFO Divide For years, the relationship between security leadership and finance has been defined by a fundamental “language barrier.” While the CISO talks in vulnerabilities and threat vectors, the CFO thinks in terms of ROI, capital allocation, and fiscal resilience. This session moves beyond the myth that “security is too expensive” to address the real issue: a lack of shared vocabulary. Join a veteran vCISO and a seasoned CFO for a candid conversation on how to align technical requirements with business objectives. Attendees will learn how to transform security metrics into financial risk data that commands boardroom respect and secures long-term investment. The problem isn’t the budget; it’s the dictionary. | |
| Feb 25, 2026 1:00pm - 1:55pm (Eastern) | Healthcare's Data War Has Begun Healthcare is living through the greatest digital convergence in history—where AI, cloud computing, and cybersecurity are no longer separate disciplines, but interdependent forces shaping how patient care is delivered and how Protected Health Information (PHI) is managed. In this new era, your most valuable asset—patient trust and data—is under constant threat, not just from cybercriminals targeting hospitals, but from the rapid digitization of your own clinical infrastructure. In this high-impact session, Dr. Eric Cole, former CIA hacker and trusted advisor to Fortune 100 CEOs, exposes the critical blind spots healthcare organizations face as they race to adopt clinical AI and migrate to the cloud—often without a coherent data protection strategy. You’ll discover how attackers are exploiting this convergence to bypass traditional hospital defenses, how AI is both a weapon against privacy and a shield for defense, and why the cloud isn’t inherently secure for medical data—unless you make it so.
Whether you’re a CEO, CISO, or healthcare leader, this session will empower you with actionable frameworks to:
The convergence is already here. The question is, are you leading with confidence, or leaving your patient data on life support?
| |
| Feb 25, 2026 2:00pm - 2:48pm (Eastern) | [Panel] Threat Landscape: Defeating BEC, Ransomware, and Supply Chain Chaos in Healthcare For today’s healthcare organizations, “security” is no longer about preventing a breach—it’s about ensuring clinical continuity. Business Email Compromise (BEC) and Ransomware have become industrialized, targeting the interconnected web of vendors and cloud services that hospitals rely on every day. This session provides a pragmatic blueprint for securing the modern healthcare ecosystem against its most frequent attackers. We will move past the hype of “black swan” events to look at high-probability solutions for hardening the human element against BEC, exposing the “East-West” lateral movement used by ransomware, and leveraging cloud-native infrastructure for rapid recovery. Attendees will learn how to build a defense-in-depth strategy that ensures when the network is under fire, patient care doesn’t stop. | |
| Feb 25, 2026 2:00pm - 2:56pm (Eastern) | Healthcare Cyber Debrief Healthcare is no longer on the sidelines of global conflict; it is a primary target. This session connects the dots between global geopolitical volatility and the immediate risks to hospital operations and patient safety. We will examine how conflicts involving major players like Russia, China, and the EU are reshaping the cyber threat landscape, specifically targeting medical research, critical infrastructure, and the healthcare supply chain. The discussion will pivot to the “internal” threat, analyzing the rapid evolution of AI in diagnostics and administration, and the resulting privacy minefield. From financially motivated ransomware gangs to state-aligned actors seeking to disrupt care, we will profile the adversaries threatening the sector. Join us for a 2026 outlook that moves beyond compliance, offering a battle-tested framework for maintaining resilience in the face of global instability. | |
| Feb 25, 2026 2:00pm - 2:44pm (Eastern) | Your Weakest Link: Saying Goodbye to Vendor-Induced Chaos Healthcare continues to lead all sectors in third‑party data breaches, with large‑scale events like the Change Healthcare incident underscoring how deeply vendor failures can disrupt operations and expose PHI. In today’s increasingly interconnected world, third‑party incidents pose significant operational, security, and compliance risks.
For InfoSec teams, this means incident readiness must extend beyond your own network. Proactive vendor‑risk management is critical: risk‑based vendor tiering, rigorous pre‑engagement security assessments, stronger BAA and contract terms, continuous monitoring of vendor controls, and routine reassessment of high‑risk partners. With regulators increasing scrutiny of vendor oversight and response timelines, organizations must also ensure alignment with evolving regulatory expectations.
This session will give IT and security professionals a streamlined view of today’s third‑party threat landscape, practical guidance for managing and responding to vendor incidents, and actionable steps to build a more resilient vendor‑risk program before the next outage, breach, or supply‑chain event hits. | |
| Feb 25, 2026 3:00pm - 3:28pm (Eastern) | Authenticity, Uniqueness, and Credibility: Securing Healthcare Identity in the Age of AI As Generative AI accelerates synthetic data creation, the healthcare sector faces critical risks in telemedicine fraud and provider impersonation. In this session, I will introduce the AUC Framework—a practical model for designing trust signals in identity systems. Drawing from large-scale infrastructure experience at LinkedIn and Oracle Health Sciences, we will explore leveraging metadata, cryptographic provenance, and AI-based verification to distinguish legitimate providers from synthetic actors. Attendees will gain architectural strategies to preserve trust and compliance within an increasingly AI-mediated healthcare ecosystem. | |
| Feb 25, 2026 3:00pm - 3:41pm (Eastern) | Resilience Is Not a Backup Plan: Designing Secure Health Systems That Can Adapt Under Fire Healthcare organizations don’t fail because of cyber incidents—they fail when systems are brittle, fragmented, and unable to adapt under stress. This talk explores resilience as a design principle across people, technology, and governance, connecting cybersecurity decisions directly to patient safety and care continuity. Drawing on real healthcare leadership experiences, we’ll examine why resilience cannot be delegated to IT—and what leaders must do differently to build systems that bend instead of break. | |
| Feb 25, 2026 3:00pm - 3:53pm (Eastern) | Inside the Digital Mind: How Cyberpsychology Shapes Behavior, Risk, and the Cyber Landscape This session explores how human behavior in digital environments directly shapes modern cyber risk. Drawing from the research of forensic cyberpsychologist and author Mary Aiken, this talk reveals why people think, react, trust, click, overshare, and make decisions differently online — and how attackers exploit those predictable patterns. Participants will learn how digital psychology influences threat exposure, identity compromise, misinformation, social engineering, and organizational security culture. Attendees will walk away with practical, human-centered strategies for building safer digital environments and strengthening security programs by aligning controls with real human behavior. | |
| Feb 25, 2026 4:00pm - 4:52pm (Eastern) | [Closing Keynote] Critical Condition: The Health-ISAC Global Threat Report Healthcare is no longer just a target for data theft; it is a battleground for patient safety and operational resilience. In this exclusive session, the Health-ISAC (Health Information Sharing and Analysis Center) unpacks their Annual Global Threat Report, revealing the most dangerous trends facing the sector today. From the evolution of extortion tactics and supply chain vulnerabilities to the weaponization of AI, we will dissect the adversaries’ new playbook. Join us to move beyond the headlines and get the vital intelligence needed to immunize your digital estate against the next generation of cyber threats. | |
 | |||
Agenda
|
|