Join us for the FREE Cyber Defense Forum | Live Online on October 9


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

SANS Institute and the National Health Information Sharing & Analysis Center Partner to Advance Healthcare Cyber Security

Second Annual Healthcare Cyber Security Summit to Promote Industry-Wide Collaboration

  • Bethesda, MD
  • September 30, 2014

With an ever-evolving threat landscape threatening to wreak havoc on the healthcare industry, SANS Institute and the National Health Information Sharing & Analysis Center (NH-ISAC) today announced a partnership to help healthcare organizations overcome today's complex cyber security issues through greater awareness and information sharing. The partnership combines SANS' world-class cyber security training and expertise with NH-ISAC's growing healthcare information sharing network.

To foster greater collaboration and education within the healthcare industry, SANS and NH-ISAC will host the second annual Healthcare Cyber Security Summit in San Francisco on December 3rd, followed by an extensive seven day security training program. This unique event brings together security experts from leading healthcare organizations to discuss proven approaches for securing healthcare entities.

"The healthcare industry has long relied on information security programs driven by compliance requirements. But compliance alone is not enough, given the frequency of breaches and a threat landscape that changes every 30 days, it is clear this approach is no longer sufficient. To successfully defend against attackers, the industry must move to a risk-driven approach based on evolving threats," said Jim Routh, NH-ISAC board member & Chief Information Security Officer, Aetna. "New threats in healthcare are escalating, and the most effective security approach for the industry is to share information. NH-ISAC and SANS are joining forces to educate the industry on these threats and best-practice techniques and tools available to help the healthcare industry protect intellectual capital and consumer health information."

The Healthcare Cyber Security Summit will detail how healthcare organizations can balance the security, compliance, and innovation required to thrive in today's quickly changing market. Senior information security leaders will share their experiences dealing with nation- state sponsored threat actors from the pharmaceutical industry. Attendees will also learn the facts behind supply chain security risks with medical devices for health providers and hear what CISOs from other industries entering health care are concentrating on. Topics that will be discussed at the summit include:

  • Emerging health care security threats;
  • Security of medical devices;
  • State of incident response;
  • Information sharing frameworks;
  • Mobile and digital care;
  • Challenges with using the cloud;
  • Health Insurance Exchange (HIX) security; and
  • User case studies.

For additional details on the summit, including a complete overview of presentations and training courses, or to register for the event, please visit:

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (