The SI 2019 CISO Summit sponsored by Deloitte was held October 24 & 25. Co-hosts CHRISTUS VP and CISO Fernando Blanco and BayCare VP and CISO Thien Lam welcomed 21 chief cybersecurity officers and other healthcare IT security executives from across the country to the CISO Summit convened at the Hyatt Regency on the beautiful San Antonio River Walk.
Deloitte’s Raj Mehta kicked off the two-day meeting with a “Cyber Breakout Room” exercise that used an escape-room type game to foster deeper security awareness. Participants were dared to solve seven challenges within 20 minutes focused around unlocking a laptop infected with ransomware. Seven security executive volunteers did it in eight minutes, breaking the previous Deloitte record of 11 minutes! The world record-setting game participants included Ron Mehring, Michael Erickson, Alex Ludwinek, Mike Czumak III, Tom August, Preston Jennings and Scott Dresen.
To wrap up the afternoon session, the group tackled “Next-Generation Cybersecurity: Trends and Issues,” exploring the challenges and complexities in the context of healthcare trends such as consumerism, interoperable data and the cloud. Discussion focused on the characteristics of healthcare transformation in the context of:
- Increasing complexity of eco-system & alliances;
- Explosion of connected devices, wearables, IoT & medical devices;
- User-friendliness of cyber-risk prevention tactics;
- Digital privacy in an era of data sharing; and
- Artificial intelligence-related cyber-risk management considerations.
On Day 2, CHRISTUS’ Fernando Blanco introduced case study presentations focused on next-level technical architecture:
- Memorial Sloan Kettering Cancer Center’s AWS Hybrid Cloud Architecture Design, presented by Mike Czumak, VP & CISO, MSKCC
- Cloud Security and O365, presented by Preston Jennings, EVP Information Security & CISO, Trinity Health
On cloud, virtual and remote monitoring:
- Texas Health Resource’s Continuous Monitoring, Event Triage & Reporting, presented by Ron Mehring, VP Technology and Security & CISO, THR
- Trinity’s Threat Intelligence Investments/Results, presented by Preston Jennings, CISO, Trinity Health
On board and executive management reporting:
- Strategic Business Risk/Cyber Controls, presented by Tom August, VP & CISO, John Muir Health
- Offshore Exception Tracking/Reporting, presented by Fernando Blanco, CHRISTUS Health
On future business-model infrastructure:
- Business Model Evolution, presented by Mike Gomez, VP & CISO, Bon Secours Mercy Health
- Workforce of the Future, presented by Michael Erickson, CISO, Baptist Health
Fernando Blanco, Thien Lam, and SI Executive Director Janet Guptill wrapped up the 2019 SI CISO Summit by summarizing the sessions, placing them in the context of the ongoing healthcare cybersecurity conversation nationally and globally, and then inviting everyone to the 2020 SI CISO Summit to be hosted by Baptist Health in Louisville in May 2020.
Not pictured: Barry Beckett, VP and CISO, Houston Methodist