Ohad Zaidenberg is the Founder of CTI League, a global cyber threat intelligence community. The Cyber Threat Intelligence (CTI) League is an online, global community of cyber threat intelligence researchers, Infosec experts, CISOs, and other relevant people within the industry, whose goal is to neutralize cyber threats exploiting the current COVID-19 pandemic. Our volunteers prioritize efforts on helping hospitals and healthcare facilities protect their infrastructures during the pandemic and creating an efficient channel to supply these services. In the CTI League platform, volunteers can find a clearinghouse for data, connection network and a platform for facilitating those connections. The CTI League’s current goal is to neutralize cyber threats exploiting the current COVID-19 pandemic. Our volunteers can choose the best path to achieve this goal: takedown the IoC from the internet, triage it to the medical sector or escalate it to the relevant law enforcement agencies. In his day job, Ohad is the Lead Cyber Intelligence Researcher at the ClearSky Cybersecurity, an Israeli cyber threat intelligence company.

Participate in this session to learn how to:

• Neutralize cyber threats looking to exploit the current pandemic
• Block and takedown bad actors
• Access expert pro-bono industry support from CTI League members

Ohad Zaidenberg

Lead Cyber Intelligence Researcher and COVID-19 CTI League Founder
ClearSky

See Bio

Turn your cameras and microphones on and engage in an interactive discussion on the topic with your peers.

A look at how security can change its role within healthcare organizations from a burden to an accelerator. We will explore the broader role security plays in allowing payers and providers to embrace disruption to provide new patient pathways, improved community health, and open new revenue streams. We will also discuss how robust risk management practices can be refocused to unlock opportunities for optimization, transformation and innovation.

Key Takeaways:

• Identify Risk to IT systems, data and medical devices
• Contextualize Threats and Establish Visibility
• Communicate cybersecurity impact on patient safety, security and privacy
• Deploy strategies for security transformation

Stephen Brennan

Global Associacte Partner, Healthcare & Life Sciences
IBM Security Services

See Bio

While the proliferation of threat vectors continues to create challenges to CISO’s within the healthcare space, it’s important to recognize that insider threats will remain a serious vulnerability for organizations for the foreseeable future. This session will delve into how a renewed focus on cybersecurity awareness training is a fundamental component of minimizing and containing the huge vulnerability that insider threats pose to long-term cyber resiliency within a healthcare-focused organization. 

Participate in this session to gain a better understanding of: 

• emphasizing the human factor of cybersecurity to front-line employees in a meaningful, digestible way that fits the unique nature and risks 
• development and implementation of a rewards program to foster transparency through positive reinforcement 
• strategies to identify and empower cross-functional “cyber champions” to reinforce best practices outside of the training room 
• optimizing clinical workflows to reduce friction and seamlessly integrate advanced cybersecurity technology  
• the use of identity management to protect against cyber security threats 

Stephen Fridakis

Chief Information Security Officer
WW (Weight Watchers) International

See Bio

Turn your cameras and microphones on and engage in an interactive discussion on the topic with your peers.

Credential stuffing aimed at account takeover, fake account creation and other brute force attacks drive fraud and abuse that results in more than $40B of hard losses every year. Fraudsters commit large scale bot attacks to steal digital identities and to commit member and provider fraud by stealing wellness rewards and filing false claims. Most companies turn to user friction such as CAPTCHA as a defense which motivated frauders can easily bypass. In this session you will learn how fraudsters launch large scale bot attacks and how you can mitigate these attacks in real-time without the use of CAPTCHA.

Takeaways

·        Use real-time solutions to mitigate credential stuffing attacks by bots

·        Protect user and provider accounts from identity, rewards and claim fraud

·        Increase user login success by removing CAPTCHA 

Andrew Jones

Senior Sales Engineer
Shape Security

See Bio

While we have no shortage of data points coming from our tools, CISOs need much more than raw data output to understand how well our security programs are performing. Join me on a journey through the good, the bad and the ugly metrics I have seen throughout my career and a discussion of how to develop meaningful metrics in healthcare environments. 

Join this session to:

• Discuss what makes a metric meaningful
• See examples of good and not so good metrics
• Discuss how to use meaningful metrics to solve some of the typical issues found in healthcare environments

Vicky Ames

Director, Information Security, Risk & Compliance
United Therapeutics Corporation

See Bio

Turn your cameras and microphones on and engage in an interactive discussion on the topic with your peers.

In a world of risk mitigation, we have vastly enabled video-conferencing and messaging as primary forms of communication in order to diagnose and treat patients. By allowing providers to maximize safety of during crisis, we have had to redefine the status quo. By modernizing consultations, we have been able to handle lower risk health concerns, (e.g. allergies, common cold, flu, etc.) without bogging down clinicians on the front lines. The security challenges that arise from this new digital ecosystem, are ensuring that clinicians are properly recording and submitting all captured data from patient interactions back into their electronic medical record systems. Taking the expanded remote workforce into consideration, additional layers of data protection and cloud application governance will be critical in safeguarding the privacy and safety of our employees, customers, and patients.

Sponsored by: Forcepoint

---

Homayun Yaqub

Security Strategist
Forcepoint

See Bio

Unfortunately, CISO’s often struggle to gain adequate funding to support a truly offensive cybersecurity posture. Both the traditionally tight profit margins within the healthcare space and focus on investment in novel, bleeding-edge clinical technology often take precedent in the healthcare space, leaving CISO’s with a unique challenge when it comes to funding improvements in terms of cyber hygiene. 

 Offer your experience and insights concerning: 

• evaluating which legacy systems are most vulnerable and apt for replacement
• strategies to perform patching or other necessary system updates while minimizing financial and clinical impact
• successful communication strategies that help non-experts better understand the intrinsic connection between healthy cyber hygiene and improved financial and clinical outcomes 

Tim Swope

Chief Information Security Officer
Catholic Health Services of Long Island

See Bio

Toby Tsuchida

Information Security Officer
Partners HealthCare

See Bio

Elliott Jones

Chief Information Security Officer
Keck Medicine, USC

See Bio

John Dunn

Vice President Enterprise Cybersecurity
GE Healthcare

See Bio

Nick Gerteisen

Senior Director, Global Product Security
Smith & Nephew

See Bio

Turn your cameras and microphones on and engage in an interactive discussion on the topic with your peers.