2016 Fall Summit Agenda*


The fall brochure is now available. View the brochure here.

Time Sunday, 13 November
6:30 PM – 9:00 PM Board Dinner
Time Monday, 14 November
8:00 AM – 9:00 AM Board Breakfast
9:00 AM – 12:00 PM Board Meeting
12:00 PM – 2:00 PM Committee Meetings
12:00 PM – 6:00 PM Registration
2:00 PM – 3:45 PM Member Meeting
4:00 PM – 5:00 PM
Grand Rounds
Deception Technology – Cymmetria Deception Technology – Illusive Networks UBA/Identity & Access Intelligence – Veriphyr Cybersecurity Breach Prevention – Palo Alto Networks
5:15 PM – 6:15 PM Welcome Reception
6:30 PM – 9:00 PM Sponsor Dine Arounds
9:00 PM – 11:00 PM Hospitality Suite – Sponsored by Securonix
Time Tuesday, 15 November
7:00 AM – 8:00 AM Breakfast
8:00 AM – 8:30 AM Opening Remarks: Learn. Plan. Train. Share. Win.
Jim Routh, Aetna
8:30 AM – 9:15 AM Keynote: Blunting/Disrupting Adversary Actions Through Sharing
General Keith Alexander, USA (Retired)
9:15 AM – 9:45 AM Effective Security Planning for Regulatory Compliance
Shawn Henry, Crowdstrike
9:45 AM – 10:15 AM Networking Break – Sponsored by Pindrop
10:15 AM – 11:15 AM
Grand Rounds
Advanced Cyber Intelligence – Booz Allen Hamilton Intelligent Data Protection – Thin Air Continuous Third Party Risk Monitoring – Security Scorecard Mobile Threat Defense – Skycure
11:15 AM – 11:30 AM Transition Break
11:30 AM – 12:00 PM Learning from Traditionalists – Industrial OT & the Internet of Things
Doug Clifton, EY
Bullet Proof Multi-Factor Authentication (MFA)
Damon Becknel, Horizon BCBSNJ
Lessons Learned From a Real Work Implementation of User Behavioral Analytics (UBA)
Kurt Lieber, Aetna
Recommendations for Improving the Cybersecurity Relationship Between Medical Device Manufacturers and Health Care Authorities
Bill Hagestad, Smiths-Medical
12:00 PM – 1:00 PM Lunch – Sponsored by Agari
1:00 PM – 2:00 PM Sustainable Security Operations – Leveraging Managed Services
Carlos Amaya, Deloitte; Deepak Lakhiani, Hoag Hospital Memorial Presbyterian
The ‘Crawl’ in Crawl Walk Run is Overrated...Lessons in SDLC Childhood Development
Alan Leung, BCBSNJ
Application Security – Full Static Analysis on 2 Hours a Month
Robert Sullivan, Surescripts
Medical Device Vulnerability Sharing: Post Market Regulatory Perspectives of an ISAO
Denise Anderson, NH-ISAC; Dr. Dale Nordenberg, MDISS; Dr. Suzanne Schwartz, FDA
2:00 PM – 2:15 PM Transition Break
2:15 PM – 3:15 PM The Art of Deception for Advanced Threat Detection in Healthcare Organizations
Tushar Kothari, Attivo Networks
Insider Threats: Combating Risk With Formal Insider Threat Programs
Brenda Ferraro, Aetna; Kostas Georgakopoulos, Procter & Gamble; Rocco Grillo, Stroz Friedberg, LLC
Not all Sinkholes are Bad – Leveraging Response Policy Zones for Intelligence and Blocking
David Crawford, Aetna; Sean Kallaugher, Aetna
Overview of AAMI TIR 57: Principles for Medical Device Information Security Risk Management
Michelle Jump, Stryker; Michael Seeberger, Boston Scientific; Nick Sikorski, Deloitte
3:15 PM – 3:45 PM Networking Break
3:45 PM – 4:15 PM Heart Attacks vs. Headaches: Balancing Security and Healthcare
Norm Laudermilch, Invincea
Using the Intelligence Cycle to Build Your Threat Intelligence Program
Matt Ambrose, Philips; Cam Macomber, Philips
Catch and Release: Organizational Health through Phishing Exercises
Michael Schymanski, HM Health Solutions; Mark Vescovi, HM Health Solutions
Medical Device Security: The Transition from Patient Privacy to Patient Safety
Adam Brand, Protiviti
4:15 PM – 4:30 PM Transition Break
4:30 PM – 5:00 PM O365 Strategies, Considerations and Concerns for Healthcare/CEs
Michael Ebert, KPMG; Kerri Murphy, KPMG
6:00 PM – 9:00 PM Beach Event
9:30 PM – 11:00 PM Hospitality Suite – Sponsored by Perch Security
Time Wednesday, 16 November
7:00 AM – 8:00 AM Breakfast
8:00 AM – 8:15 AM Opening Remarks
8:15 AM – 8:45 AM Open Source Security With Cisco
Joel Esler, Cisco
8:45 AM – 9:15 AM UEBA Closed Loop Deployments and Identity Analytics for IAM
Nathan Harris, Aetna; Kurt Lieber, Aetna
9:15 AM – 9:45 AM Networking Break
9:45 AM – 10:45 AM A Smarter Approach to Third-Party Risk Management & Threat Monitoring
Norman Menz, Prevalent
Feeding the Pandas
Tarik Rahmanovic, Blue Cross Blue Shield Association
Healthcare Aggregators: A Call to Action
Brian Heemsoth, Aetna
Threat Analysis and Vulnerability Assessment
Mehmet Turner, Medtronic

Applications and Practices for Medical Equipment Security
Mike Busdicker, Intermountain Healthcare; Priyanka Updendra, Intermountain Healthcare
10:45 AM – 11:00 AM Transition Break
11:00 AM – 12:00 PM Solving Healthcare’s Security and Compliance Crisis with Big Data Security Analytics
Mike Lipinski, Securonix
One if By Land, Two if By Sea
Vitali Kremez, Flashpoint; Jim Routh, Aetna; Joe Stewart, SecureWorks
Homeland Security Fusion Center’s Role in Public Health
Daniel Mahoney, NCRIC; Craig Rosenberg, NCRIC
Smart PKI for Connected Medical Device Security
Roberta Hansen, Abbott Laboratories; Mike Nelson, DigiCert
12:00 PM – 1:00 PM Lunch – Sponsored by Digital Shadows
1:00 PM – 2:00 PM What We Can Learn From How SJM Approaches Threat Intelligence
Russ Staiger, St. Jude Medical
Four CISO Tribes and Where to Find Them
Greg Barnes, BCBSNJ; Steve Katz, Retired; Spencer Mott, Amgen; Jim Routh, Aetna; Moderator: Gary McGraw, Cigital
Into the (Security) Breach!
Brad Sanford, Emory University and Emory Healthcare
Securing B2B Data Transmissions – Addressing Key Control Gaps
Paul Jones, HM Health Solutions
2:00 PM – 2:15 PM Transition Break
2:15 PM – 2:45 PM Navigating the New Normal of Third Party Risk Management
Brenda Ferraro, Aetna; Brian Depersiis, EY; Moderator: Nana Ahwoi Larsen, EY
Application Security Zero to Hero
Jeremy Anderson, Cambia Health Solutions
Workstation Defend Thyself – A Discussion of Wins and Challenges in Deploying Windows Advanced Firewall
Branden Carter, Blue Cross of Idaho Health Services, Inc.
Security Control Considerations for Mobile Medical Applications on iOS Chris Reed, Eli Lilly and Company
2:45 PM – 3:00 PM Transition Break
3:00 PM – 4:00 PM Hacking Healthcare: Ransomware Becomes a New Norm
Vitali Kremez, Flashpoint
Gaining Visibility and Control Within Your Security Program
Jigar Kadakia, Partners Healthcare
Changing Risky Behavior
Karolyn Maloney, Aetna
Medical Device Security Throughout the Product Lifecycle
Rob Bathurst, Cylance

Introduction to UL’s Cybersecurity Assurance Program (UL CAP)
Anura Fernando, UL
4:00 PM – 4:15 PM Transition Break
4:15 PM – 4:45 PM Closing Remarks & Wrap Up
5:30 PM – 10:00 PM Closing Event: MCAS Miramar

 *Subject to Change