SANS 2nd Survey on the State of Information Security in Health Care Institutions: Part 2
Part 2: Survey Results and Cloud Computing Concerns and Controls
- Thursday, December 11th, 2014 at 1:00 PM EST (18:00:00 UTC)
- Barbara Filkins, Nicholai Piagentini, Jay Schulman, Jonathan Trull
You can now attend the webcast using your mobile device!
In October 2013, the inaugural health care survey uncovered that IT security personnel believe their security programs are primarily driven by compliance and that compliance isn't working. Compared to other industries, health care was far behind the security curve at that time. With another year of experience and vulnerability, have health care IT security staff made the needed improvements in their programs?
Part 1 of the webcast reviews survey results and discusses mobile health concerns and controls. Click here to register for Part 1: Survey Results and Mobile Health Concerns and Controls. Be sure to register and attend both parts of this webcast to be eligible for a $50 American Express gift card awarded LIVE during this webcast!
This webcast takes a deeper dive into cloud computing. Health care has long embraced pathways that are fundamentally cloud computing. Telemedicine, remote monitoring and Internet services for medical service have provided low-cost, high-availability services to clinicians for almost two decades. But is cloud computing secure? What impact will the HIPAA Omnibus Rule have on physician relationships with cloud-based EHR suppliers? And how do the concerns around mHealth unveiled in the Part 1 webcast impact cloud security, especially as mHealth and cloud converge in organization's overall mobile cloud computing strategy for 2015 and beyond?
Join us as our speaker, Barbara Filkins, SANS Analyst and health care expert, compares and contrasts the impact of cloud computing on the more traditional concerns around health care security.
Barb Filkins, a senior SANS analyst who holds the CISSP and SANS GSEC (Gold) and GCH (Gold) certifications, has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Most recently she's been involved with HIPAA security issues in the health and human services industry with clients ranging from federal agencies (DoD and VA), municipalities and commercial businesses, focusing on issues related to automation - privacy, identity theft and exposure to fraud, as well as the legal aspects of enforcing information security. Barbara sees security as an interaction of policy, process, platforms, pipes AND people.
Nicholai (Nick) Piagentini is the senior solutions architect at CloudPassage. Prior to that he worked as a consulting engineer at Palo Alto Networks and spent time at Juniper Networks as well as Netscreen Technologies. Nick brings 15 years of disruptive networking and security experience to his role at CloudPassage. Nick has worked with security professions from major enterprises, educational institutions, governments and the military in four continents.
Jay Schulman is a managing principal at Cigital and leads their Midwest Practice focusing on software and application security. This includes BSIMM measurements, program strategy and development, mobile application security, web application security, product security, medical device security and penetration testing. Jay has assessed the security of numerous medical devices and medical information portals including Class I, II and III devices. Devices assessed include pacemakers, monitors, surgical instruments, and other devices that transmit health information from the patient to a medical professional. Additionally, Jay has assisted hospitals and health insurance companies on the security of their environments.
Jonathan Trull, CISO for Qualys, is responsible for working with Qualys' growing customer base to develop and share security best practices, researching real world threats and collaborating on how to address them. Before joining Qualys, Jonathan was the CISO for the State of Colorado, where he oversaw the information security operations for 17 executive branch departments, encompassing approximately 26,000 employees and 150,000 systems. In cooperation with federal and state partners, Jonathan formed the state's first Cyber Crime Task Force, which is charged with conducting criminal investigations into computer crimes, developing and sharing cyber intelligence, and working with local government and private sector partners to increase cyber resiliency.