OnDemand Includes 4 Months Access to Course Content - Special Offers Available Now!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Health Care Provider Breaches and Risk Management Roadmaps: Part 1 - Health Care Security from the Bottom Up

  • Wednesday, July 20, 2016 at 1:00 PM EDT (2016-07-20 17:00:00 UTC)
  • Mike Goldgof, Barbara Filkins, Hugh Njemanze, Ty Powers


  • Anomali
  • Carbon Black
  • Forescout Technologies BV
  • Great Bay Software
  • Trend Micro Inc.
  • WhiteHat Security

You can now attend the webcast using your mobile device!



Clinical systems and customer healthcare information are more at risk than ever. This webcast will reveal how healthcare providers are opening up their systems to exchanges, mobile patient applications and other new risks as they continue to struggle to secure their legacy systems and medical devices.

Building on the SANS 2014 survey report on health care cyber security, this webcast will go over the results of our new SANS health care cyber security survey just completed by more than 200 health care IT professionals. In this webcast, we explore drivers, assets targeted, attack vectors, breach histories and concerns related to increased use of mobile and cloud computing, as well as devices and controls in use.

Today's webcast focuses on security from the trenches - including the assets most at risk, breaches against those assets, and how, in particular, cloud and mobile computing are changing the threat landscape. This webcast will explore:

  • Drivers for security programs
  • Assets that are being targeted by adversaries
  • Attack vectors used and how successful they are
  • Response readiness
  • Inhibitors to improving security and response
  • How respondents are addressing concerns raised by increased mobile/cloud computing in the health care environment

Part 2 of this webcast will be held on Thursday, July 21 at 1 PM Eastern. In it, we'll look at health care security from the top down, focusing on management priorities, controls and budgets. Click here to register for Part 2.

Register to attend this webcast to be among the first to receive the associated whitepaper written by Barbara Filkins.

Speaker Bios

Barbara Filkins

Barbara Filkins, SANS Analyst Program Research Director, holds several SANS certifications, including the GSEC, GCIH, GCPM, GLEG and GICSP, the CISSP, and an MS in information security management from the SANS Technology Institute. She has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Barbara focuses on issues related to automation—privacy, identity theft and exposure to fraud, plus the legal aspects of enforcing information security in today’s mobile and cloud environments, particularly in the health and human services industry, with clients ranging from federal agencies to municipalities and commercial businesses.

Mike Goldgof

Mike Goldgof brings over 20 years of executive experience in marketing and product management to WhiteHat where he is responsible for all product marketing activities. His previous experience includes senior roles in marketing, product management and business development with information security, software and telecommunications companies, including Juniper Networks, Hifn, Phoenix Technologies and Lucent. At WhiteHat Security, Mike is responsible for product messaging, solutions content, sales enablement and go-to-market strategies. He holds an MBA in Marketing from Columbia Business School and an MS in Electrical Engineering from Cornell University.

Hugh Njemanze

Hugh Njemanze, CEO of Anomali, has an illustrious 30-year career in the enterprise software industry. He co-founded ArcSight in May 2000 and served as CTO as well as executive vice president of research and development. Hugh led product development, information technology deployment and product research at ArcSight, and he expanded these responsibilities to lead all engineering and R&D efforts for HP's Enterprise Security Products group, the organization that ArcSight became part of post-acquisition. Prior to joining ArcSight, Hugh worked as the CTO at Verity, where he led product development, and before that he was a key architect behind data access language (DAL) at Apple.

Ty Powers

Ty Powers, principal security analyst for Great Bay Software, has been working in the information technology and security industry for 19 years. He specializes in all phases of network security, from planning and scaling architecture to the implementation and deployment of key network security solutions. Ty is interested in matters related to security, along with studying the intersection of policy and new technologies.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.