Learn real-world cyber security skills from active industry experts in Anaheim. Save $150 thru 12/18.


To attend this webcast, login to your SANS Account or create your Account.

Patient healthcare data is under constant attack: Steps you can take to mitigate the problem

  • Wednesday, May 6th, 2015 at 3:00 PM EDT (19:00:00 UTC)
  • Christopher Strand and Barbara Filkins
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • Carbon Black

You can now attend the webcast using your mobile device!


Healthcare organizations are facing an unprecedented and evolving threat landscape but many struggle to focus their security efforts. Patient data is targeted by advanced attacks, as cyber-criminals have recognized the windfall that can result from a successful breach.

The HIPAA Security Rule aims to guide covered entities but leaves many IT security and compliance professionals wondering where to focus first.

During this webinar we'll map out steps covered entities can take to address the highest priority areas of the HIPAA Security Rule - or any security framework - including:

  • Defending against malicious software
  • Protection of file and data integrity
  • Vulnerability assessments & risk ranking

Attendees will learn:

  • Which security controls to focus on to ensure the best risk posture
  • How positive security provides real-time visibility into applications and processes running on endpoints and servers where PHI is stored
  • About your peer organizations that are using proactive security controls, along with the compliance and security benefits they've achieved

Speaker Bios

Christopher Strand

Christopher Strand leads Carbon Black's security, risk and compliance program. With more than 20 years of information technology and compliance experience, he oversees the development of enterprise network and application security solutions that help organizations deploy positive security to maintain and improve their compliance posture. Previously, Christopher held security/compliance positions at Trustwave, Tripwire, EMC/RSA, and Compuware. A PCI Professional (PCIP) and trained Quality Security Assessor (QSA), he also has been certified on and is proficient with other regulatory disciplines including HIPAA, North American Electrical Reliability Corporation (NERC) and Gramm-Leach-Bliley Act (GLBA). Christopher regularly speaks and writes about security, compliance issues and best.

Barbara Filkins

Barb Filkins, a senior SANS analyst who holds the CISSP and SANS GSEC (Gold) and GCH (Gold) certifications, has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Most recently she's been involved with HIPAA security issues in the health and human services industry with clients ranging from federal agencies (DoD and VA), municipalities and commercial businesses, focusing on issues related to automation - privacy, identity theft and exposure to fraud, as well as the legal aspects of enforcing information security. Barbara sees security as an interaction of policy, process, platforms, pipes AND people.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.