Day Two: Tuesday, May 19, 2020

12:00 pm - 12:25 pm Lobby Opens

12:25 pm - 12:30 pm Chairperson's Opening Remarks

12:30 pm - 1:00 pm Securing the Front Lines: Cybersecurity Awareness & Other Human-Centered Approaches to Overcoming Insider Threats

Stephen Fridakis - Chief Information Security Officer, WW (Weight Watchers) International

While the proliferation of threat vectors continues to create challenges to CISO’s within the healthcare space, it’s important to recognize that insider threats will remain a serious vulnerability for organizations for the foreseeable future. This session will delve into how a renewed focus on cybersecurity awareness training is a fundamental component of minimizing and containing the huge vulnerability that insider threats pose to long-term cyber resiliency within a healthcare-focused organization. 

Participate in this session to gain a better understanding of: 

  • emphasizing the human factor of cybersecurity to front-line employees in a meaningful, digestible way that fits the unique nature and risks 
  • development and implementation of a rewards program to foster transparency through positive reinforcement 
  • strategies to identify and empower cross-functional “cyber champions” to reinforce best practices outside of the training room 
  • optimizing clinical workflows to reduce friction and seamlessly integrate advanced cybersecurity technology  
  • the use of identity management to protect against cyber security threats 

Stephen Fridakis

Chief Information Security Officer
WW (Weight Watchers) International

1:00 pm - 1:30 pm The Cognitive Security Edge: A Proactive Approach

It takes constant monitoring and maximum use of data to find attacks and abnormal behavior before an incident occurs. However, the world produces over 2.5 quintillion bytes of data every day, and 80% of it is unstructured. What this means is most of it's expressed in natural language – spoken, written or visual – that a human can easily understand but traditional security systems can't. Most challenging security problems still require people to make sound decisions about what to act on and what's a false alarm. Building security instincts and expertise into new defenses that analyze research reports, web text, threat data, and other security-relevant structured and unstructured data. Just like security professionals do every day – but at a scale, we've never seen.

In this session, you will: 

  • Learn the philosophy and capabilities associated with cognitive computing 
  • Hear about attacks on cognitive systems
  • Discuss three top-performing approaches and solutions 
  • Explore live case studies

1:30 pm - 2:15 pm Overcoming Cybersecurity Challenges with the Right Tools

Nick Gerteisen - Senior Director, Global Product Security, Smith & Nephew

As cybersecurity challenges continue to present a clear and seemingly constant threat to business continuity, it’s critical that CISO’s work hand-in-hand to overcome complex, persistent threats. Ultimately, we aren’t going to win this war without the right tools. Join CrowdStrike and panel for a discussion surrounding the greatest challenges each organization is facing and how we can work together to overcome them. 


Nick Gerteisen

Senior Director, Global Product Security
Smith & Nephew

2:15 pm - 2:20 pm Break

2:20 pm - 2:50 pm Securing the Pharmaceutical Supply Chain through Blockchain

Vicky Ames - Director, Information Security, Risk & Compliance, United Therapeutics Corporation

The complex nature of pharmaceutical supply chains necessitates a significant degree of data sharing which inevitably increases the enterprises’ risk exposure related to third parties. This roundtable will be centered on the use of advanced risk management tools to enable stakeholders throughout the supply chain to benefit from real-time access to pertinent risk assessment data. 

Participate in this session to dive deeper into: 

  • the role that strong data security plays in ensuring effective EHR use in a clinical trial setting 
  • ensuring quality and employing blockchain as an anti-counterfeiting measure 
  • reducing risks related to patient harm and security vulnerabilities throughout the supply chain 

Vicky Ames

Director, Information Security, Risk & Compliance
United Therapeutics Corporation

2:50 pm - 3:20 pm Business Meetings

3:20 pm - 3:50 pm Business Meetings

3:50 pm - 4:20 pm Business Meetings

4:20 pm - 4:25 pm Break

4:25 pm - 4:45 pm Defending Against Mayhem: Best Practice Policies

Work anywhere, anytime - this adage has employees connecting to corporate networks via web and cloud apps, as well as remote access services like VPNs and RDP to do their job.

But with this convenience comes a number of threats to users - like phishing, brute-force attacks and password-stealing malware. Devices are also targeted by exploit kits and known vulnerabilities affecting out-of-date software. VPN, RDP, third-party vendor, and cloud and web app access are also targets of malicious hackers.

Learn how to mitigate these attacks in this roundtable discussion as well as best practices for:

  • Multifactor Authentication
  • Adaptive Access Policies
  • Device Trust
  • Remote Access
  • SSO

Unfortunately, CISO’s often struggle to gain adequate funding to support a truly offensive cybersecurity posture. Both the traditionally tight profit margins within the healthcare space and focus on investment in novel, bleeding-edge clinical technology often take precedent in the healthcare space, leaving CISO’s with a unique challenge when it comes to funding improvements in terms of cyber hygiene. 

 Offer your experience and insights concerning: 

  • evaluating which legacy systems are most vulnerable and apt for replacement
  • strategies to perform patching or other necessary system updates while minimizing financial and clinical impact
  • successful communication strategies that help non-experts better understand the intrinsic connection between healthy cyber hygiene and improved financial and clinical outcomes 

Tim Swope

Chief Information Security Officer
Catholic Health Services of Long Island

Toby Tsuchida

Information Security Officer
Partners HealthCare


Elliot Jones

Chief Information Security Officer
Rady Children's Hospital - San Diego

5:30 pm - 5:40 pm Chairperson