The last couple of years have demonstrated the undeniable connection between the quality and efficiency of patient care and resiliency of IT systems and networks. Dr. Saif Abed, a medical doctor and healthcare cybersecurity expert will speak to SC Health Editor about the linkage between cybersecurity and patient care, and how that influences risk management across the sector.

As healthcare organizations continue to grow their networks of connected medical devices and systems, they become more attractive targets for cyberattacks. Vulnerabilities, ransomware attacks and patient data leakage are just a few of the issues keeping these security professionals up at night. 

With Recorded Future intelligence, healthcare organizations can confidently automate workflows with knowledge from an unrivaled breadth of external sources. Accelerate threat detection, response, and decision making by positioning comprehensive, real-time intelligence at the center of your security workflows and processes.

In this session, Recorded Future will cover:

• The key security challenges facing the healthcare industry
• Best practices for developing a proactive security strategy
• Integrated solutions for intelligence-driven  threat detection and response workflows

The likelihood of falling victim to a ransomware attack has significantly heightened in the last year, driving the need for organizations to have strong business continuity plans in place to quickly respond to the attack and maintain patient care. These plans must be well-practiced and thought out to reduce the amount of time it takes to bring business operations back to normal. This panel will dig into the needed elements for an effective plan, including assigning roles to staff, data backup procedures, and EHR downtime policies, among other security requirements to keep operations up and running following a cyberattack.

Nine out of ten US healthcare organizations expect to be victimized by an email-borne threat that could lead to ransomware, phishing, or BEC in the coming year. How can we educate ourselves as security professionals around the state of threat landscape? How has the threat landscape changed for healthcare? What’s ahead? And most importantly, what can be done?

The pandemic brought a sharp rise in remote work and telehealth use, with platforms quickly implemented without security always top of mind. This panel will detail the risks, and how providers successfully tackled the swift onboarding of technologies with considerations for patient data and communications security within the network.

Whether you are a hospital system, research facility, medical equipment manufacturer or pharma company, calendar year 2020 was an unscripted and unpredicted year; both in terms of healthcare developments and in terms of security incidents that have directly impacted the health field. With ransomware, malware and targeted attacks, combined with the convergence of IT/OT operations, attack surfaces have expanded and attack vectors have increased. Join us for this exciting presentation given by a 30 year healthcare practitioner who also works in the security field. This session will outline these new threats that our field faces as well as best practices to protect your operations against unacceptable risk.

Legacy devices continued to be used across the health care sector despite receiving no tech support to keep these platforms secure. In fact, many medical devices are built upon outdate platforms, such as MRIs and CT scanners. Combine this reality with struggles to timely patch devices and the risks pile. This panel will examine vulnerability management and inventory needs, including visibility into devices, access points, and communication flows within the network.

The exchange of information has always been a critical factor of cybersecurity in the healthcare sector, only heightened amid a pandemic that drove a surge in care and telehealth services. Hear from Erroll Weiss, chief security officer for the Health Information Sharing and Analysis Center, as he speaks to Health Editor, Jessica Davis, about the evolving nature of the threat landscape and how that shapes best practices in information sharing.

In this new era of cyber-threat, characterized by both slow and stealthy attacks and rapid, automated campaigns, static and siloed security tools are failing - and the challenge has gone beyond one that is human-scalable. Organizations need to urgently rethink their strategy to ensure their systems, critical data and people are protected, wherever they are. Today’s Autonomous, Self-Learning defenses are capable of identifying and neutralizing security incidents in seconds, not hours - before the damage is done.

In this session, learn how self-learning AI: 

• Detects, investigates and responds to threats – even while you are OOTO  
• Protects your entire workforce and digital environment – wherever they are, whatever the data 
• Defends against zero-days and other advanced attacks – without disrupting the organization 

In addition, hear from Nemi George, Senior Director of Information Security at Pacific Dental Services, discuss how Darktrace’s Self-Learning AI defends the healthcare organization from advanced cyber-threats. Armed with Darktrace, their lean security team are able to “cut through the noise and focus on the things we need to focus on."

Health care relies on a wide range of business associates in order to support routine care, ensure patient privacy, and maintain HIPAA compliance. However, ensuring the business associate agreements protect the organization, as well as its privacy and security, can be increasingly difficult to navigate. This panel will detail the necessary elements for effective BAAs, as well as how to ensure the privacy and security of necessary business associates and other vendors through contract language and management.

The Centers for Medicare & Medicaid Services recently enacted its interoperability rules, which heavily rely on APIs and FHIR protocols. Similarly, the Office of the National Coordinator for Health Information Technology will launch the Trusted Exchange Framework and Common Agreement in early 2022. This panel will outline privacy concerns with these regulatory changes, as well as tactics providers can take to better support interoperability with key security mitigations.