Day One: Monday, May 18, 2020

12:00 pm - 12:25 pm Lobby Opens

12:25 pm - 12:30 pm Chairperson's Welcome Orientation & Technology Introduction

11:10 am - 11:40 am Establishing a Culture of Comprehensive Vigilance within Both Your Cyber & Physical Security Teams

Paul Connelly - Chief Information Security Officer, HCA Healthcare
The evolution of the Internet of Things into the Internet of Everything has profound consequences on clinical settings and requires the development of a comprehensive strategy to create synergies between cyber and physical security assets. Join Paul Connelly, CISO at HCA Healthcare, as he shares how he’s leveraging the convergence between the two functions to protect both sensitive, HIPAA-protected patient data as well as his organization’s varied physical assets.

Participate in this session to gain insights into: 
  • Improving the accuracy and efficiency of risk assessments by avoiding duplication and establishing a “single source of truth”
  • Establishing appropriate physical controls that take into account the complexity of identity and access management within a layered, complex clinical ecosystem
  • Generating cost savings by assessing how cyber threats pose risks to both physical assets and IT infrastructure
  • Maintaining the individual identities of both the physical and cybersecurity teams while fostering collaboration

Paul Connelly

Chief Information Security Officer
HCA Healthcare


1:00 pm - 1:45 pm How to Better Prepare for Sophisticated Cyber Heists

Due to their multi-vector nature, defending against sophisticated cyber heists launched as Advanced Persistent Threats, or APTs, requires seamless configuration and integration of solutions across your digital estates. With critical assets like consumer-facing applications, SWIFT and ATM servers, BFSIs are a prime target for APTs, as demonstrated by the Cosmos bank cyber heist.

Join us to learn:

  • The difference between APT cyber heists and opportunistic attacks
  • Where traditional testing methods fall short 
  • How objective KPI metrics enhance security ROI


1:00 pm - 1:45 pm The Human Deception Problem: Understanding and Defending Against Social Engineering Attacks

The most successful method of cyber-attacks continues to be phishing. These attacks cost organizations millions of dollars each year and things are just getting worse. As these attacks intensify and become more refined, technology is failing to keep up and your users will continue to fall prey. To effectively defend yourself against this, you have to understand how the attacks work, including the psychological triggers and tricks the attackers are using. This session will explore the different levers that social engineers and scam artists pull to make your users more likely to do their bidding.

You’ll hear fun and engaging examples of mental manipulation in everyday life: from the tactics used by common criminals, to sophisticated social engineering and online scams. Additionally, the speaker will look at how you can ethically use the very same levers when educating your users.

Key Takeaways:

  • The Perception vs. Reality Dilemma
  • Understanding the OODA (Observe, Orient, Decide, Act) Loop
  • How social engineers and scam artists achieve their goals by subverting critical thinking steps
  • How you can defend your organization and create your human firewall

1:45 pm - 1:50 pm Break

Plenary Session

1:50 pm - 2:15 pm The Digital Identity Dilemma: Establishing A Proactive Identity & Access Management Protocol
Mike Towers - Chief Security Officer, Takeda Pharmaceuticals International Inc.

Healthcare is certainly not immune to the ambiguity that arises with the proliferation of digital identities associated with both human beings themselves and connected devices. As the healthcare industry embarks on its own path of digital transformation, CISOs are tasked with navigating a complex framework of persistent on-prem sets of applications, a rapidly expanding set of cloud applications, and a variety of medical devices and cloud-based medical services.

Join this session to gain insights into: 

  • evaluating how cloud-based identity management can help centralize data and allow for a “single source of truth”
  • addressing critical gaps in cybersecurity identity policies including overcoming reliance on directory group memberships and manual permission agreements
  • automated provisioning and 
  • how IAM programs are improving the efficiency of both clinical and network access workflows
  • moving beyond managing identity access on simply a macro level by placing greater focus on granularity
  • criticality of multifactor authentication to combat credential stuffing

Mike Towers

Chief Security Officer
Takeda Pharmaceuticals International Inc.

Fighting cybercriminals in the corporate realm ensures potential career opportunities. As cyber threats evolve, efforts must be made to build cyber risk into overall business models to detect, prevent, and thwart bad actors. CEOs invest a considerable amount of time into understanding the fiscal initiatives set forth by the CFO to ensure healthy financial outcomes. The same consideration must be given to CISOs so they can fully integrate cybersecurity measures and risk management. The absolute key to CISO success rests on the entire executive team. Their attitude and actions tend to make or break CISOs.

In this session, you will:

  • Discuss the balance required between technical astuteness, business acumen, and financial risk
  • Hear tactics for earning a permanent seat with business executive leadership teams
  • Explore the need for indicators of compromise for risk management and mitigation like threat intelligence, incident response plans, and cybersecurity policies in the business model

Kevin Powers

Founding Director, MS in Cybersecurity Policy & Governance Program
Boston College, Woods College of Advancing Studies

2:20 pm - 2:50 pm Business Meetings

2:50 pm - 3:20 pm Business Meetings

3:20 pm - 3:50 pm Business Meetings

3:50 pm - 4:20 pm The Cognitive Security Edge: A Proactive Approach

It takes constant monitoring and maximum use of data to find attacks and abnormal behavior before an incident occurs. However, the world produces over 2.5 quintillion bytes of data every day, and 80% of it is unstructured. This means most of it is expressed in natural language (spoken, written or visual) that a human can easily understand but traditional security systems can't. The most challenging security problems still require people to make sound decisions about what to act on and what's a false alarm. The cognitive approach builds security instincts and expertise into new defenses that analyze research reports, web text, threat data, and other security-relevant structured and unstructured data, just as security professionals do every day, but at a scale we've never seen.

In this session, you will:

  • Learn the philosophy and capabilities associated with cognitive computing
  • Hear about attacks on cognitive systems
  • Discuss three top-performing approaches and solutions
  • Explore live case studies

4:20 pm - 4:25 pm Break

Plenary Session

4:25 pm - 4:55 pm Championing Cybersecurity as a Critical Component of the Consumerization of Healthcare
Esmond Kane - Chief Information Security Officer, Steward Health Care

The consumerization of healthcare is having profound, long-ranging consequences throughout the continuum of care. As a growing number of patients are experiencing a heightened share of financial responsibility, CISOs should be prepared to meet consumers’ shifting expectations concerning the security and governance of their PHI and HIP.

Topics explored include: 

  • improving compliance related to the HIPAA Right of Access
  • creating trust by establishing transparency around data breaches (HIPAA Breach Notification Rule)
  • embracing BYOD and IoMT as a teachable opportunity to increase cybersecurity awareness among end-users
  • navigating payment integrity (PCI DSS)

Esmond Kane

Chief Information Security Officer
Steward Health Care

The explosion of medical devices is, perhaps, the most pressing challenge that cybersecurity executives will be facing in the next few years. Despite the promise that IoMT-connected devices bring in terms of both patient care and engagement, their propagation will be accompanied by a substantial increase in the scope of the attack surface. This session will delve into how a major medical device manufacturer is pioneering innovation as a means of improving cybersecurity.

Participate in this session to gain insights into: 

  • building in network segmentation to separate IoMT-connected devices from other, on-prem medical devices
  • understanding how medical device manufacturers are embedding security functions such as secure boot and boot fuses, device partitioning and crypto engines
  • addressing zero-day vulnerabilities within an IoMT context
  • identifying and assessing security flaws in legacy devices built before the advent of embedded security modalities
  • how the FDA’s Medical Access Innovation Plan will lead to accelerated timelines for fragmented patch updates and other firmware

Nick Gerteisen

Senior Director, Global Product Security
Smith & Nephew

4:55 pm - 5:25 pm New Rules: Strengthening the Cyber Element of Your Organization’s Pandemic Response Plan

The current public health situation has serious implications for a healthcare organization’s attack readiness and, left unchecked, could have an impact on both business and clinical continuity. This session will delve into some of the unique parallels between potential disruptions in healthcare delivery/supply chains and the anticipated effects of a large-scale cyber-attack. Join a leading CISO in this session to strategize on how to develop a proactive, risk-focused strategy to protect business operations and sensitive patient data in the face of the possibility of a global pandemic.

Participate in this session to gain insights into:

  • Mitigating potential changes in resource allocation
  • Avoiding the possibility of an increase in disillusioned, rogue internal actors during an outbreak
  • Enhancing your cybersecurity strategy to account for a shift towards remote work for non-clinical healthcare workers
  • Communicating the impermissibility of “snooping” on the part of clinically-facing healthcare workers who are concerned about the risk of contagion


5:25 pm - 5:55 pm Reality Check: Is AI and ML Really Cybersecurity’s Saviour?
Ravi Mani - Vice President & Chief Information Security Officer, Quest Diagnostics

Over the past decade, digitization has become an integral part of the clinical experience as well as the administrative processes employed in the healthcare sector. This shift has dramatically increased the vulnerabilities and attack vectors that CISOs are tasked with identifying and mitigating. Yet, CISOs are being asked to greatly scale up their operations with a lack of both human and financial capital. Although AI promises to help solve some of these critical issues, this session will seek to identify strategies being employed to identify appropriate use cases and ensure

Hear how your peers are: 

  • leveraging AI/ML technology to free up resources to amplify cybersecurity training and awareness initiatives
  • cautiously integrating AI into their strategy, keeping in mind the sensitivity of PHI and the possibility of manipulation via social engineering
  • formulating an AI roadmap

Ravi Mani

Vice President & Chief Information Security Officer
Quest Diagnostics

Unfortunately, CISOs often struggle to gain adequate funding to support a truly offensive cybersecurity posture. Both the traditionally tight profit margins within the healthcare space and the focus on investment in novel, bleeding-edge clinical technology often take precedence, leaving CISOs with a unique challenge when it comes to funding improvements in cyber hygiene.

Offer your experience and insights concerning:

  • evaluating which legacy systems are most vulnerable and apt for replacement
  • strategies to perform patching or other necessary system updates while minimizing financial and clinical impact
  • successful communication strategies that help non-experts better understand the intrinsic connection between healthy cyber hygiene and improved financial and clinical outcomes

Tim Swope

Chief Information Security Officer
Catholic Health Services of Long Island


Michael Prakhye

Chief Information Security Officer
Adventist Healthcare

Toby Tsuchida

Information Security Officer
Partners HealthCare

5:55 pm - 6:05 pm Ignite: Comprehensive Cloud App Security Coverage

  • Gain complete visibility into unsanctioned app (shadow IT) usage in any cloud environment
  • Detect risky usage of sanctioned cloud apps, such as users downloading sensitive data onto personal devices (BYOD)
  • Secure both well-known apps like Office 365 as well as lesser-known or even custom apps for comprehensive cloud app coverage
  • Apply security policy enforcement for both corporate-managed and unmanaged devices based on granular control over applications

6:10 pm - 6:20 pm Chairperson Closing Remarks