May 19 - 21, 2019
Dallas, TX

Day One: Sunday, May 19, 2019

10:00 am - 10:30 am Registration

GIBC Digital

10:30 am - 10:40 am Orientation

10:40 am - 10:50 am Thoughtexchange App Introduction

10:50 am - 10:55 am Chairperson’s Opening Remarks

Sonia Arista, National Healthcare Practice Director at Fortinet

Sonia Arista

National Healthcare Practice Director

10:55 am - 11:30 am Holistic Threat Management- Minimizing Threats and Increasing Resilience

Healthcare has many connected points- a much larger attack surface than any other vertical. Confidential patient data is often accessible to multiple care providers, both in clinical/research settings and online, and through different devices. Patient care takes precedence over security.  Organizations need to establish holistic risk management programs that safeguard electronic health information along with other sensitive and proprietary data.
Security involves a deliberate, multi-layered approach across payers, providers and medical suppliers.  This includes process improvement, user training, and better integrating existing technologies. Basic cyber hygiene is at the core including: blocking and tackling, firewall logging, password protection, access management, email security and authentication controls. Some emerging cyber tools enhance productivity, (which includes single-sign on to control access and identity management) -- and simplifies workflows and increase time on work tasks.

Executives must learn and keep in balance the interests of stakeholders, the mission, asset value and the real impact of an attack. Breaches will happen; the focus needs to be how the organization should minimize disruptions, handle ransomware and other attacks including proactive incident response and business continuity measures. Efforts to automate include integrating emerging technologies with existing security tools and bolstering processes to protect from human errors and insider threats. Executives must convey security is a continued enterprise investment. 
Allison Miller, VP of Global Enterprise Information Security at UnitedHealth Group/Optum

Allison Miller

VP of Global Enterprise Information Security
UnitedHealth Group/Optum

11:30 am - 11:45 am Collaborative & Creative Leadership

Learn how innovative and dynamic leaders are leading the way by having courageous conversations within their organization. Discover how organizations are creating a culture that promotes openness, transparency and collaboration by empowering their employees to share their voice and consider the thoughts and ideas of others; shifting the corporate paradigm from closed and knowing to open and learning. In this session you’ll learn what collaborative and courageous leadership means to you and those around you.
Darin Recchi, Sales Enablement, Community Development & Talent Initiatives at Thoughtexchange

Darin Recchi

Sales Enablement, Community Development & Talent Initiatives

11:45 am - 12:45 pm Networking Lunch


12:50 pm - 1:20 pm Mitigating and Containing Threat: A Prescriptive Approach

Effective security necessitates people, processes, and technology working on concert to mitigate and contain threats. Effective processes do not require a prescriptive approach and allows flexibility. Through this flexibility we are able to adjust the processes themselves as well as track and identify gaps in people and technology.

In this session, we explore maturing security operations and incident response using a process driven approach.
Tyler Mullican, Associate Chief Information Security Officer at AdventHealth

Tyler Mullican

Associate Chief Information Security Officer

1:25 pm - 1:55 pm Business Meetings

1:55 pm - 2:25 pm Business Meetings

2:25 pm - 2:55 pm Business Meetings

3:00 pm - 3:30 pm Human Deception Problem: Understanding and Defending Against Social Engineering Attacks

The most successful method of cyber-attacks continues to be phishing. These attacks cost organizations millions of dollars each year and things are just getting worse. As these attacks intensify and become more refined, technology is failing to keep up and your users will continue to fall prey. To effectively defend yourself against this, you have to understand how the attacks work, including the psychological triggers and tricks the attackers are using. This session will explore the different levers that social engineers and scam artists pull to make your users more likely to do their bidding.

Join Erich Kron CISSP, Security Awareness Advocate at KnowBe4, as he provides fun and engaging examples of mental manipulation in everyday life: from the tactics used by common criminals, to sophisticated social engineering and online scams. Additionally, he'll look at how you can ethically use the very same levers when educating your users.

Key Takeaways:

  • The Perception vs. Reality Dilemma
  • Understanding the OODA (Observe, Orient, Decide, Act) Loop
  • How social engineers and scam artists achieve their goals by subverting critical thinking steps
  • How you can defend your organization and create your human 
Erich Kron, Security Awareness Advocate at KnowBe4

Erich Kron

Security Awareness Advocate

3:30 pm - 3:45 pm Networking Break

Duo Security

3:45 pm - 4:15 pm Business Meetings

4:15 pm - 4:45 pm Business Meetings

Ignite Sessions: Three Quick Fire Presentations in Twenty Minutes. Talk about getting to the crux of the matter, fast!

4:50 pm - 5:15 pm The Future of Unified Healthcare IoT Intelligence and Cybersecurity

Timur Ozekcin, Co-Founder & CEO at Cylera

Timur Ozekcin

Co-Founder & CEO

5:00 pm - 5:25 pm Making the case for Deception as Practical Cyber Defense Solution

Ken Wolf, Chief Revenue Officer at PacketViper, LLC

Ken Wolf

Chief Revenue Officer
PacketViper, LLC

5:15 pm - 6:15 pm Practitioner Roundtables

Earlier in the Exchange, we collected your insights and challenges using the Thoughtexchange social learning tool. We identified the highest rated topic areas. During this session, you’ll have the opportunity to choose a topic and participate in a small group discussion. You will work in groups to develop an action plan for improvement.

6:15 pm - 6:45 pm Networking Reception


6:45 pm - 7:15 pm Networking Dinner