Mary Diner & Judd Larson, Healthcare and Medical Device Track Co-chairs | |
This month we are focused on the Healthcare and Medical Device program within the 12th Annual Cyber Security Summit, October 25, 2022. As cyber security CISOs in these sectors we are all focused to protect the healthcare industry from threats from a public, organizational, and patient perspective in an increasingly complex global landscape.
Read full blog post here
| |
|
David Hanauer, BISO for Optum Digital
The Healthcare space represents one of the fastest growing markets in America. As the move to Telehealth and digitalization speeds up the role of security in healthcare takes center stage. Tackling the challenges of Identity, Access to care, and keeping customer data safe in the cloud is more important than ever. United Health Group is leading the transformation from a segmented and single service approach to one that puts the customer first while keeping our eyes wide open to the risks and downsides of a service forward delivery method.
| |
Key Issues the Healthcare Space is facing in 2022 and beyond
> Telehealth + Digitalization
> Identity
> Access to Care
> Keeping Customer Data Safe in the Cloud
David's bio: David Hanauer is the BISO for Optum Digital. David has a background in data security and security architecture in industries such as Biotech, Finance, and Telecom. From designing custom asset inventory systems, to overseeing the security portfolio for Optum Digital David has a long history of putting the customer first and ensuring that their healthcare and privacy needs are met.
| |
LAST CALL for Speakers for the 12th Annual Cyber Security Summit in Minneapolis!
Our "Eyes Wide Open" theme has sparked some compelling presentations that are tapping into this zeitgeist moment in the cyber security landscape.
| | Submissions close July 1st 11:59 pm. | | | |
FBI Blocked Iranian-Backed Cyberattack on Boston Children’s Hospital Last Year
CISA has issued Emergency Directive (ED) 22-03 and released a Cybersecurity Advisory (CSA) in response to active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, vRealize Suite Lifecycle Manager.
An interesting article on Nurses role in HDO Cybersecurity
The future of healthcare security will require nurses to play a larger role in crafting policy and receiving training that fosters connections between nursing staff and IT leaders.
Senate Bill 3983 Protecting Medical Devices from Cyber Attacks (PATCH) Act
| |
|
Kumar Asani, CISO, Digital River
I have always believed in focusing on the fundamentals, common controls framework, preventative controls, security by design and simplicity. Cyber security is a complex and ever changing landscape, requires patience, thoughtful approach, sound strategy, collaboration, partnership and most importantly people to make it happen! It is a journey and requires you to pay attention to the most important things and demonstrate measurable progress with continuous monitoring and rinse repeat approach. It is always about finding a balance between people, process and technology and knowing when to adjust as needed.
| |
|
Loren Dealy Mahler, CEO, Jupiter
Within any industry, the concept of trust is paramount. A company must earn a customer's trust in order to earn their business. A major source of trust comes from a company's willingness and ability to protect its customers, and nowhere is this more important than in the field of healthcare and medical devices where customer interactions occur in a particularly vulnerable setting. This puts cybersecurity teams at the center of the effort to build and maintain customer trust and loyalty. Whether it’s integrated security features built in at the development stage or a customer-centric approach to incident response management, the security considerations for anyone working in this field are central to any company’s success.
| |
Cofense’s goal is to stop phishing.
As we all know, millions of ransomware, business email compromise and credential harvesting attacks bypass expensive email security solutions every year. They are in your users’ inboxes right now.
Cofense is the only company that combines a global network of 32 million people reporting phish with advanced AI-based automation to stop phishing attacks fast. That’s why over half of the Fortune 500 and thousands of other organizations trust us.
Have you seen their Real Phishing Examples and Threats Resource Center? It defines the environments, the type, the tactic, and the theme of the most recent threats across many platforms. PHISHING EXAMPLE RESOURCE
| |
Health-ISAC Inc. (H-ISAC, Health Information Sharing and Analysis Center), is a global, non-profit, member-driven organization offering healthcare stakeholders a trusted community and forum for coordinating, collaborating and sharing vital physical and cyber threat intelligence and best practices with each other.
Health-ISAC is a trusted community of critical infrastructure owners and operators within the Healthcare and Public Health sector (HPH). The community is primarily focused on sharing timely, actionable and relevant information with each other including intelligence on threats, incidents and vulnerabilities that can include data such as indicators of compromise, tactics, techniques and procedures (TTPs) of threat actors, advice and best practices, mitigation strategies and other valuable material.
www.h-isac.org
| | |
MDMA's cybersecurity working group serves as a key channel to disseminate timely and relevant information to medical technology innovators as they institute and strengthen their cybersecurity functions. Working with federal partners, MDMA helps members navigate vulnerability disclosures, threats and ransomware activity targeting the health care and public health sector. MDMA also maintains a partnership with the Healthcare & Public Health Sector Coordinating Council (HSCC) Cyber Working Group (CWG).
www.medicaldevices.org
| |
The 12th Annual Cyber Security Summit takes place Oct. 24-26, 2022 in Minneapolis, MN and online (hybrid event). To stay current on the Summit and trending cyber security issues, follow Cyber Security Summit on social media and use the hashtag #cybersummitMN for the latest conversations. For details, visit us at cybersecuritysummit.org.
| | | | | |