Don't Miss Out on the Best Specials of the Year Available Now - Top Training, Top Instruction!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

SANS 2nd Survey on the State of Information Security in Health Care Institutions: Part 2

Part 2: Survey Results and Cloud Computing Concerns and Controls

  • Thursday, December 11, 2014 at 1:00 PM EST (2014-12-11 18:00:00 UTC)
  • Barbara Filkins, Nicholai Piagentini, Jay Schulman, Jonathan Trull


  • Cigital, Inc.
  • CloudPassage
  • FireEye
  • Qualys
  • RiskIQ
  • Tenable
  • Trend Micro Inc.

You can now attend the webcast using your mobile device!



In October 2013, the inaugural health care survey uncovered that IT security personnel believe their security programs are primarily driven by compliance and that compliance isn't working. Compared to other industries, health care was far behind the security curve at that time. With another year of experience and vulnerability, have health care IT security staff made the needed improvements in their programs?

Part 1 of the webcast reviews survey results and discusses mobile health concerns and controls. Click here to register for Part 1: Survey Results and Mobile Health Concerns and Controls. Be sure to register and attend both parts of this webcast to be eligible for a $50 American Express gift card awarded LIVE during this webcast!

This webcast takes a deeper dive into cloud computing. Health care has long embraced pathways that are fundamentally cloud computing. Telemedicine, remote monitoring and Internet services for medical service have provided low-cost, high-availability services to clinicians for almost two decades. But is cloud computing secure? What impact will the HIPAA Omnibus Rule have on physician relationships with cloud-based EHR suppliers? And how do the concerns around mHealth unveiled in the Part 1 webcast impact cloud security, especially as mHealth and cloud converge in organization's overall mobile cloud computing strategy for 2015 and beyond?

Join us as our speaker, Barbara Filkins, SANS Analyst and health care expert, compares and contrasts the impact of cloud computing on the more traditional concerns around health care security.

View the associated whitepaper.

Click here for Part I: Mobile Health Controls

Speaker Bios

Barbara Filkins

Barb Filkins, a senior SANS analyst who holds the CISSP and SANS GSEC (Gold) and GCH (Gold) certifications, has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Most recently she's been involved with HIPAA security issues in the health and human services industry with clients ranging from federal agencies (DoD and VA), municipalities and commercial businesses, focusing on issues related to automation - privacy, identity theft and exposure to fraud, as well as the legal aspects of enforcing information security. Barbara sees security as an interaction of policy, process, platforms, pipes AND people.

Nicholai Piagentini

Nicholai (Nick) Piagentini is the senior solutions architect at CloudPassage. Prior to that he worked as a consulting engineer at Palo Alto Networks and spent time at Juniper Networks as well as Netscreen Technologies. Nick brings 15 years of disruptive networking and security experience to his role at CloudPassage. Nick has worked with security professions from major enterprises, educational institutions, governments and the military in four continents.

Jay Schulman

Jay Schulman is a managing principal at Cigital and leads their Midwest Practice focusing on software and application security. This includes BSIMM measurements, program strategy and development, mobile application security, web application security, product security, medical device security and penetration testing. Jay has assessed the security of numerous medical devices and medical information portals including Class I, II and III devices. Devices assessed include pacemakers, monitors, surgical instruments, and other devices that transmit health information from the patient to a medical professional. Additionally, Jay has assisted hospitals and health insurance companies on the security of their environments.

Jonathan Trull

Jonathan Trull, CISO for Qualys, is responsible for working with Qualys' growing customer base to develop and share security best practices, researching real world threats and collaborating on how to address them. Before joining Qualys, Jonathan was the CISO for the State of Colorado, where he oversaw the information security operations for 17 executive branch departments, encompassing approximately 26,000 employees and 150,000 systems. In cooperation with federal and state partners, Jonathan formed the state's first Cyber Crime Task Force, which is charged with conducting criminal investigations into computer crimes, developing and sharing cyber intelligence, and working with local government and private sector partners to increase cyber resiliency.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.