Sharpen your skills with interactive cyber security training In-Person or Live Online. Learn more.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Patient healthcare data is under constant attack: Steps you can take to mitigate the problem

  • Wednesday, May 06, 2015 at 3:00 PM EDT (2015-05-06 19:00:00 UTC)
  • Christopher Strand, Barbara Filkins


  • Carbon Black

You can now attend the webcast using your mobile device!



Healthcare organizations are facing an unprecedented and evolving threat landscape but many struggle to focus their security efforts. Patient data is targeted by advanced attacks, as cyber-criminals have recognized the windfall that can result from a successful breach.

The HIPAA Security Rule aims to guide covered entities but leaves many IT security and compliance professionals wondering where to focus first.

During this webinar we'll map out steps covered entities can take to address the highest priority areas of the HIPAA Security Rule - or any security framework - including:

  • Defending against malicious software
  • Protection of file and data integrity
  • Vulnerability assessments & risk ranking

Attendees will learn:

  • Which security controls to focus on to ensure the best risk posture
  • How positive security provides real-time visibility into applications and processes running on endpoints and servers where PHI is stored
  • About your peer organizations that are using proactive security controls, along with the compliance and security benefits they've achieved

Speaker Bios

Christopher Strand

Christopher Strand leads Carbon Black's security, risk and compliance program. With more than 20 years of information technology and compliance experience, he oversees the development of enterprise network and application security solutions that help organizations deploy positive security to maintain and improve their compliance posture. Previously, Christopher held security/compliance positions at Trustwave, Tripwire, EMC/RSA, and Compuware. A PCI Professional (PCIP) and trained Quality Security Assessor (QSA), he also has been certified on and is proficient with other regulatory disciplines including HIPAA, North American Electrical Reliability Corporation (NERC) and Gramm-Leach-Bliley Act (GLBA). Christopher regularly speaks and writes about security, compliance issues and best.

Barbara Filkins

Barb Filkins, a senior SANS analyst who holds the CISSP and SANS GSEC (Gold) and GCH (Gold) certifications, has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Most recently she's been involved with HIPAA security issues in the health and human services industry with clients ranging from federal agencies (DoD and VA), municipalities and commercial businesses, focusing on issues related to automation - privacy, identity theft and exposure to fraud, as well as the legal aspects of enforcing information security. Barbara sees security as an interaction of policy, process, platforms, pipes AND people.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.