Deciding what to build, what to buy, and when to partner is mission-critical for healthcare organizations. As security leaders, we have more options than ever, including SIEMs, SOC-as-a-service, and a range of managed products and services. The challenge is finding the right mix to meet your budget, compliance requirements, and cyber risk tolerance. Join us to learn how healthcare organizations can effectively and affordably meet their goals.
In this session, NetSPI’s Nabil Hannan and RxMx’s Jesse Parente will explore the world of healthcare data management – notably, how to manage sensitive data securely. Delve into the healthcare industry’s regulatory pressures and the biggest cyber threats it faces today, then hear insights on how to:
Lastly, with the pandemic as a catalyst for digital transformation in the healthcare industry, cloud adoption has soared. Nabil and Jesse will discuss the benefits of the cloud for data management and review its security considerations.
Healthcare and public health organizations are under threat and expected to spend a cumulative $125 billion on cybersecurity from 2020 to 2025. But they will reap little return on this investment if the security controls they employ fail. And they do. What's worse, they fail silently so that breaches keep occurring, even when security leaders are confident that their organizations are protected. Verizon estimates that 82 percent of enterprise breaches should have been stopped by existing security controls but weren't, and the healthcare sector ranks among the highest in the rate of severe security flaws. CISOs are under pressure to pinpoint silent failures and deliver risk assessment and mitigation data that is accurate, comprehensive, and current. That is possible only if they know what security controls they have in place and how effective they are at detecting and preventing real-world attacks. To improve cybersecurity effectiveness, security teams are transitioning to a threat-informed defense strategy with the MITRE ATT&CK framework, a purple team construct of red and blue teams, and an automated testing platform combined into an engine of optimization.
In this talk, author and former DoD Chief Strategy Officer for Cyber Policy Jonathan Reiber will:
- outline the evolution of threat-informed defense,
- discuss the value of MITRE ATT&CK and purple team operations, and
- show security teams how to move forward towards cybersecurity effectiveness.
Participants will leave with:
- a clear plan for how to effect change in their organizations and deliver results to safeguard our most important data.
One of the benefits of being in a highly regulated environment is that there is familiarity with how and when legislation tends to change and when and where subsequent regulatory changes occur. It is precisely in this environment that the outpacing of compliance can happen. When outpacing compliance, getting ahead on risk management becomes more straightforward. That’s how to gain a forward-facing cybersecurity posture.