Healthcare is under siege, as recent ransomware attacks like WannaCry and Petya clearly show. In fact, experts are already looking into the next evolution of the techniques used by hackers and cybercriminals to infiltrate the industry.
It's in times like these when expert advice and best practices developed by your peers can really help healthcare stay ahead.
The HIMSS Healthcare Security Forum in Boston on Sept. 11-13 will feature keynotes from two former White House administrations, an MIT professor, and many innovators sharing their insights into the constantly evolving threat landscape. If you want more of a cause to attend, here are 14 reasons why the intelligence shared there can help safeguard your organization.
Click to the next slide to learn more
If you think the most important part of a cybersecurity strategy is technology, think again, says MIT Professor Stuart Madnick, who’s work in cybersecurity goes back to 1979. If you don’t address people issues, you’re missing the big picture.
U.S. President George W. Bush created the Office of Homeland Security and named Tom Ridge its first director. Ridge will deliver the opening keynote at HIMSS’ Healthcare Security Forum in Boston.
"Land, sea and air are not expanding on a daily basis but cyberspace is,” said Michael Daniel, former White House Cybersecurity Coordinator during the Obama administration. Daniel will deliver the Tuesday keynote at HIMSS’ Healthcare Security Forum in Boston.
“I was very surprised to see so many respondents doing penetration testing, and hiring CISOs or other senior security leaders, and having insider threat management programs,” said Lee Kim, director of privacy and security at HIMSS.
“A good leader needs to be able to balance the proper security requirements for protection of the organization and at the same time understand and allow the organization the flexibility for speed and innovation,” said Phil Alexander, director of information security and ISO at UMC Health System.
The top takeaways from HIMSS Director of Privacy and Security Lee Kim's report this month: Keep pace with installing security patches and, of course, know that any connected devices (like coffee makers!) can be hacked.
“If you’re simply reacting to attacks, you’re already behind,” said Xu Zou, co-founder and CEO of ZingBox.
"The dark web hosts a variety of data posted for sale in forums, discussion groups and catalog-style sites," said Michelangelo Sidagni, chief technology officer at NopSec.
Prediction: Hospitals will continue honing their risk management and security postures. In fact, one prominent security chief speaking at the Healthcare Security Forum in May even says strategy is the best security. Cloud computing, AI and machine learning, maybe even Blockchain, will usher in the next-generation of more rigorous evidence-based security technologies and tactics.
“Malicious code may run merely by hovering over a malicious URL with one’s mouse pointer. Visual Basic for Applications macros do not need to be enabled in order for this to work,” HIMSS Director of Privacy and Security Lee Kim said.
Tom Sullivan explained what it was like to host a security forum when WannaCry hit the globe. Approximately 200 information security professionals were gathered in one room during May's Healthcare IT News Privacy & Security Forum. The fear in that room wasn’t the ‘catch-the next-flight-outta-Frisco’ kind of fright. Rather, the CISOs, security specialists, health IT professionals and technology vendors were in the mode of checking email incessantly, picking up the phone as soon as it rings, stepping out of the room to handle matters immediately, and asking each other about what they were doing in response.
“Seventy-five percent of the healthcare industry is below the cybersecurity poverty line,” said George DeCesare, Kaiser Permanente Chief Technology Risk Officer during May's Healthcare IT News Privacy & Security Forum.
Honeypot experiment: "The fact that it's possible means it's going to happen at some point," Adam Brand of Protiviti said during May’s Privacy & Security Forum. "To date, we haven't seen an attacker go after patients in a hospital and do harm on purpose. Or hold the device hostage with ransomware on purpose. But there's not a whole lot preventing that from happening."
Be at the event where the industry's top InfoSec pros share cutting-edge tactics you can't get anywhere else. Join us for deep dives around access control; cloud security; cybersecurity strategies and frameworks; HIPAA security; biometrics, incident response; network security, penetration testing; mobile and medical device security; vendor management, and more. Stay ahead of phishing attacks. Avoid being a ransomware target, and stay ahead of the evolving threat landscape. We'll help you do it right.
The Healthcare Security Forum is designed to provide business-critical information that CISOs and other healthcare information security pros need to better safeguard their organization's data assets.