Monthly Cyber Briefing
Engage. Educate. Prepare.
Every first Thursday of the month from 12:00-1:00 PM (Central Time)
*Due to holidays, the timing of some sessions may be adjusted. See schedule below.
We invite you to join us each month for a free, virtual Monthly Cyber Briefing!
During each one hour-long session, an industry expert will draw on their previous experience to cover several key topics & trending news related to healthcare cybersecurity.
Overview
The Monthly Cyber Briefing is a digest of trending news and announcements related to healthcare’s cybersecurity landscape, and it provides expert insight that is designed to help healthcare information security professionals stay on top of what matters most.
Topics include…
- Trending cybersecurity threats within the healthcare industry and combative best practices
- Coverage of recent incidents and key takeaways in terms of lessons learned
- Updates on new regulations and standards and what they change/impact
- Deep dives on specific cybersecurity challenges facing healthcare organizations
Register once to secure your seat for all Cyber Briefings. See below for information on upcoming sessions and the link to access replays of previous sessions.
Have questions? Contact us at info@clearwatersecurity.com.
May Topic & Speakers
Disaster Recovery and Business Continuity Planning
Steve Cagle
Chief Executive Officer
Clearwater
Angie Santiago
Manager, Consulting Services – Resiliency Solutions
Clearwater
Tom Joyce
vCISO, Technical Security Services
Clearwater
Session Schedule
1/11 January
A Look at HHS’s Healthcare Cybersecurity Strategy with Iliana Peters and Greg Garcia
In early December, the U.S. Department of Health and Human Services (HHS) released a concept paper outlining the Department’s cybersecurity strategy for the healthcare sector. The paper details four pillars for action, including publishing new voluntary healthcare-specific cybersecurity performance goals (CPGs), working with Congress to develop support and incentives for domestic hospitals to improve cybersecurity, and increasing accountability and coordination within the healthcare sector.
More information on HHS’ cybersecurity plan is expected to come early in the new year. At the same time, governmental action to improve cybersecurity in healthcare is happening at the state level as well, as New York recently announced plans to provide grant funding hospitals and implement new regulations.
The cybersecurity practices of healthcare organizations are under the microscope like never before, and to help you get a handle on what further steps we might see from federal and state agencies in 2024, we have two leading experts joining our first Monthly Cyber Briefing of the new year.
As Executive Director of the Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG), Greg Garcia leads the group whose mission is to collaborate with HHS and other federal agencies to identify and mitigate systemic risks that affect patient safety, security, and privacy, and consequently, national confidence in the healthcare system. Greg has unique on HHS’ cybersecurity plans through his work with the HSCC CWG.
For many years, Iliana Peters both developed information privacy and security policy, including on emerging technologies and cyber threats, for HHS, while coordinating with the Department of Justice, Department of Education, other federal agencies, State Attorneys General and the White House. Now, as a Washington, DC-based Shareholder with the law firm Polsinelli, Iliana works closely with healthcare clients on complicated compliance questions, incident response, investigations, and training to protect data and avoid legal risk and legal liability, both at the state and federal levels.
Greg and Iliana will join with Clearwater CEO Steve Cagle for what promises to be a very insightful discussion. This is one Cyber Briefing you do not want to miss.
2/1 February
Evolving guidance for medical device cyber-risk and the strategic management approaches for tackling legacy devices
Legacy medical devices are a today problem, not a tomorrow problem. Join Clearwater’s Director of Consulting Services, Jon Benedict, for a conversation about why most medical devices are currently considered “legacy” and the strategies cybersecurity leaders can take to mimize the risks associated with these devices. Jon will also cover the medical device cybersecurity maturity model and share some thoughts on its practical application in healthcare organizations.
Clearwater CEO Steve Cagle will also share a threat landscape and regulatory update. There’s also to cover as cyberattackers continue evolving their tactics and HHS released it voluntary cybersecurity performance goals just last week. Don’t miss it!
3/7 March
Latest Developments in the Healthcare Threat Landscape
During the March edition of Clearwater’s Monthly Cyber Briefing, Corporate CISO and CTO for Managed Security Services Steve Akers and Dave Bailey, VP of Consulting Services, will dive deep into current trends in the healthcare threat landscape. They will cover the latest on the ScreenConnect vulnerability that is tied to the Change Healthcare cyberattack and review nation-state threat actors that are targeting U.S. critical infrastructure. In addition, Steve and Dave will discuss the continuing evolution of ransomware-as-a-service and what healthcare organizations need to know about how it’s being used against them.
Their discussion follows Clearwater CEO Steve Cagle’s round-up of other recent developments impacting the industry, including the news that random HIPAA audits are on the horizon.
4/4 April
Top Vendor Risk Management Challenges Facing Healthcare Leaders
The Change Healthcare cyberattack is yet another example of healthcare organizations’ vulnerability to operational disruptions due to security breaches in their third-party vendors and the extended supply chain. Vendors remain one of the most difficult components of risk to manage and also one of the most likely to contribute to a breach.
During our April Cyber Briefing, we will cover the latest developments related to the Change Healthcare attack as well as new threats and concerns that healthcare leaders should have on their radar. Our team will then focus in on the subject of vendor risk management and discuss the top challenges facing healthcare organizations, share insights on trends we’re seeing across the industry, and provide guidance on key actions to take to reduce your third-party risk.
5/2 May
In the wake of the Change Healthcare attack, many healthcare organizations are asking hard questions about the impact a cyberattack can have on their operations and whether their Business Continuity Plan is sufficiently honed to minimize disruption if an incident shuts down access to key systems and data.
Our May Cyber Briefing will feature insights from two members of Clearwater’s Consulting team who are experts in Disaster Recovery and Business Continuity Planning:
- Angie Santiago—A certified Business Continuity Professional and former health system CISO, Angie has extensive emergency preparedness experience as an organizational resilience leader for provider communities, community care centers, healthcare systems, academic medical centers, and DHHS.
- Tom Joyce —Certified in Disaster Recovery Planning, including Business Impact Analysis planning and execution, and a former regional health system CISO, Tom also has deep experience leading emergency preparedness within healthcare organizations.
Following Steve Cagle’s review of the latest developments that healthcare leaders should have on their radar, Angie and Tom will discuss how, by applying interdisciplinary frameworks centered around risk and resilience, organizations can improve their ability to respond and recover from threats, shocks, or crises—whatever form they may take.
6/6 June
Info coming soon!
7/11 July
Info coming soon!
8/1 August
Info coming soon!
9/5 September
Info coming soon!
10/3 October
Info coming soon!
11/7 November
Info coming soon!
12/5 December
Info coming soon!
CHIME Continuing Education Credits
Clearwater’s 2023 Monthly Cyber Briefings have been approved by the College of Healthcare Information Management Executives (CHIME) for 1 non-CHIME CEU per session attended towards the certification programs listed below:
- Certified Healthcare CIO (CHCIO) program
- Certified Healthcare Information Security Leader (CHISL) program
- CHIME Foundation Certified Healthcare Executive (CFCHE) program
- Certified Digital Health (CDH) program
CHIME and AEHIS members can download the agenda (below) and submit for total hours earned here.
HIMSS Continuing Education Credits
This program is approved for up to 12.0 continuing education (CE) hours for use in fulfilling the continuing education requirements of the certification programs listed below:
- Certified Professional in Healthcare Information & Management Systems (CPHIMS)
- Certified Associate in Healthcare Information and Management Systems (CAHIMS)