Hosted by the Cyber Health Working Group, a national InfraGard special interest group for IT professionals in the health sector.
Join CHWG members, non-members, and industry professionals from across the country to network and share tactical information about cyber threats, trends, and best practices.
YOUR CONFERENCE EXPERIENCE
- 13+ sessions, with breakouts designated by specialized track, one technical and one leadership, as well as general sessions, keynote speakers, and roundtable exercises
- Expert speakers and panelists in healthcare cybersecurity
- Real best practices and success stories
- Hot topics currently being discussed in the industry
- Dedicated exhibits area, showcasing sponsoring vendors
- Opportunities to get social with fellow attendees during the Welcome Reception
- The chance to explore the uptown Charlotte area
UPDATED AGENDA
Healthcare CyberGuard
Real world strategies and tactics – where industry professionals team with government experts to improve healthcare cybersecurity
Thursday, 10/25/2018
7:30-8:30 a.m. Registration
8 a.m. – 4 p.m. Sponsors & exhibits
7:45-8:15 a.m. Continental breakfast
8:15-8:30 a.m. Welcome
8:30-9:45 a.m. Opening keynote
Surviving the Cyberpocalypse – Hancock Health’s Journey through a Cyber-Attack
On January 11, 2018, Hancock Health, a small health system located in an eastern suburb of Indianapolis, was attacked by cybercriminals. Health system leaders teamed with attorneys from Hall Render and cyber security specialists from Pondurance to respond to the attack and rapidly restore system functionality. Join the hospital executive and the cyber security expert as they recount their journey through the attack and the lessons they learned from it.
- Craig Felty, VP patient care services/chief nursing officer, Hancock Regional Hospital
- Ron Pelletier, partner/co-founder, Pondurance
9:45-10 a.m. Networking beverage break
10 a.m.-noon Breakout sessions
Swimming with the phishes: Building a cyber-awareness program that connects with your teams
- Kristen Greene, cognitive scientist, National Institute of Standards and Technology
- Michelle Steves, information systems analyst, NIST
- Chris Kuhl, chief information security officer, Dayton Children’s
Am I really who I say I am?
The answer to the question “Who are you?” is becoming increasingly important, especially in relation to one’s healthcare. Safe and secure access to a person’s health information hinges on how their online identity is established and used—especially as the transition to electronic health record systems (EHRs) increases and the interconnection between healthcare information and other sources – law enforcement, on-line payment, social media – become more prevalent. Understanding how patient identity is authenticated can not only help health care professionals better secure electronically stored health information, but also understand the complexities involved.
- Mark Elson, principal, Intrepid Ascent
- Barb Filkins, consultant, Syntax2Semantics LLC
12:15-1:15 p.m. Keynote and lunch
Understanding the threat and how to meet it
Modern cyber security strategy is built around the concept of defending networks from the threat of an attack. What is the threat, who is the threat, and what emerging concerns should we have as we prepare our organizations for the 2019 threat landscape?
- Anne Marie Zettlemoyer, independent researcher and strategist
1:15-1:30 p.m. Networking break
1:30-3 p.m. Breakout sessions
Advancing your Cybersecurity Objectives: Meaningful Metrics & the Board
Addressing cybersecurity concerns continues to challenge healthcare organizations, as leadership searches for meaningful metrics and insights that convey progress and risk. This presentation focuses on tools to develop key cybersecurity metrics to effectively communicate with leadership and the board. Attendees will learn useful techniques for instilling confidence and assuring leadership that the organization’s cybersecurity risks are appropriately managed.
- Katie Stewart, senior member of technical staff, Software Engineering Institute, Carnegie Mellon University
Medical Device Product Security: Securing technology through partnerships and transparency Securing medical technology is a shared responsibility that requires collaboration and transparency. In this panel, we will explore key topics in medical device product security, including innovative partnerships between device manufacturers, healthcare systems and government subject matter experts on topics ranging from the Joint Strategic Plan for the Healthcare industry to vulnerability disclosure and collaborative penetration testing.
- Ashley S. Woyak, business information security officer, IT Security and Risk Management, Baxter Healthcare Corporation
- Margie Zuk, Principal Cybersecurity Engineer, MITRE
- Julian M. Goldman, MD, attending anesthesiologist, Massachusetts General Hospital Medical Director, Partners HealthCare Biomedical Engineering Director, Program on Medical Device Interoperability & Cybersecurity (MD PnP)
3-3:15 p.m. Networking break
3:15-4 p.m. Closing remarks
4:30-6:30 p.m. Welcome reception
Friday, 10/26/2018
8 a.m. - 2 p.m. Sponsors & exhibits
8-8:30 a.m. Continental breakfast
8:30-8:45 a.m. Welcome
8:45-9:45 a.m. Opening keynote
When and how to contact the FBI
Learn what kinds of potential attacks would merit FBI involvement, and what your options are for contacting the FBI. We’ll describe just how the FBI arrives at your doorstep, and what it looks like to exchange information with the FBI. Have you written a cyber incident response plan? Have you tested it?
- Brian Cyprian, supervisory special agent, FBI Charlotte
9:45-10 a.m. Networking beverage break
10-11:45 a.m. Breakout sessions
Cyber Preparedness Master Class: Practical strategies and tactical execution for your cross-functional cyber preparedness program
An organization’s response to a cybersecurity incident is proportional to the maturity of its preparedness program. Join us for a workshop-style session where we will share best practices for cross-functional Incident Response planning and Tabletop Exercises using the Incident Command System. From the Golden Hour through Closure and Lessons Learned, we will work together to define the key elements of a communication-coordination framework though each operational phase of a response that is inclusive of the technical, legal and executive strategies and tactics necessary for responding to events. We will then leverage our framework into Tabletop Exercise templates that participants can use in everyday practice.
- Dana-Megan Rossi, product security officer, Becton, Dickinson
- Christopher Frenz, AVP of Information Security and Infrastructure, Interfaith Medical Center
From Incident Response to Incident Preparedness (part I) and Practical Tips for Cybersecurity on a Budget (part II)
Long before the incident occurs, a great amount of preparation work needs to take place. Real world experience gained from the trenches will be shared in this session. Mike Mahon, Director Security Operations for LabCorp, will share insights gained from their recent ransomware attack. Additionally Mike will share IR scenarios that you can use for your next IR Tabletop. Justin Armstrong, who leads MEDITECH's Product Security, will share anonymized real life accounts of ransomware and incident response, the lessons learned, and the practical steps you can take to secure your organization now.
Curtis Dukes, Executive VP of CIS(R), will share practical information that can be used to truly secure your organization. This includes such important topics as how to speak the language of the business, legal considerations when there is a breach, and protecting against the scourge of ransomware. Speakers from DHS NCATS will speak about the free services they provide to critical infrastructure and the success their partners have seen.
- Mike Mahon, director of security operations for LabCorp
- Justin Armstrong, security analyst for Meditech
- Curtis Dukes, EVP and general manager, Security Best Practices & Automation Group, Center for Internet Security
- Jason Hill, Red Team Assessments, National Cybersecurity Assessment & Technical Services (NCATS), National Cybersecurity and Communications Integration Center, DHS
Noon-1 p.m. Keynote and lunch
A Prescription for Collaboration: What’s Next for the Cyber Health Working Group
- Steve Mancini, Chief Technology Officer, National Cyber-Forensics & Training Alliance
- Frankland Gorham (invited), Assistant Director, Cyber Division, FBIHQ
1-1:30 p.m. Closing remarks
REGISTRATION
Registration is FREE for all CHWG members. MEMBERS Register here
Non-members and industry professionals can purchase registrations for $395. PLUS take advantage of a special, discounted early bird rate offering $50 off when purchasing your registration by Wednesday, September 26th.
Conference registrations include access to all sessions and events, as well as meals and refreshments, handouts and materials, and an evening opening reception/networking event on Thursday. Travel and hotel should be booked separately.
HOTEL & ACCOMODATIONS
The 2018 Healthcare CyberGard conference will feature the beautifully renovated Omni
Charlotte Hotel as this year’s venue.
Omni Charlotte Hotel envelops you in luxury with a touch of genuine North Carolina
hospitality. Centrally located in the heart of Charlotte’s financial district and less than 10 miles from Charlotte/Douglas International Airport, the hotel offers the perfect destination for business and leisure travel. Linked to 12 city blocks via a sky bridge, the Omni is moments from all Charlotte has to offer, including Discovery Place, Charlotte Convention Center and the EpiCentre Entertainment District.
Available through Wednesday, September 26th, a discounted room block of $229 per night
has been secured.
MAKING RESERVATIONS BY PHONE
Dial (704) 377-0400. Specify CHWG 2018 Conference Room Block.
MAKING RESERVATIONS ONLINE
Book your group rate
SPONSORSHIP & EXHIBITORS
A limited number of sponsorship and exhibitor opportunities are available for this year’s conference. A full sponsor prospectus with benefits and costs can be found HERE.