This keynote, presented by Crowdstrike, will take a close look at observed modern attacks specifically against Healthcare organizations locally and globally and the impact they have had to patient care. Attack trends and common methods will be identified and advice on risk mitigation strategies will be presented.

Cyber incidents resulting in code grey are highly impactful to patient care. The business goal is to try and recover and restore normal operation on all necessary systems as quickly as possible. This panel discussion, featuring panelists who have had recent code greys, will discuss key prerequisites that are necessary from both a technical and business perspective to reduce downtime post incident to a minimum

Many necessary healthcare and enterprise applications are being delivered in the cloud as SaaS services. In addition, access is now required from any devices including personal non-corporate devices. These shifts in work patterns necessitates a change in cyber security design with a move to bring security as close to the endpoint as possible and enforce all desired policies. This panel will discuss how each organization is tackling this problem in their journey towards a ‘zero-trust’ design.

Most recent cyber breaches have been a result of poor identity management, lack of controls and mismanagement of privileged accounts. With identity being the new perimeter, effective maintenance of user identities is paramount. This panel will dive into the best practices to manage and administer the expanding number of user identities within a healthcare organization.

Hospitals are not the only organizations to hold vast amount of patient information. The entire connected care spectrum needs to be protected through a patients journey. In this panel members from Long Term Care and Home healthcare will discuss some of the similarities as well as differences of managing a cyber program for a non-acute care organization.

This keynote, presented by Wiz, will discuss the opportunities and risks of leveraging cloud infrastructure and services for healthcare delivery and research. Areas to be mindful of when sending sensitive data into the cloud will be mentioned as well as practical risk mitigation techniques to help fully harness the potential of the cloud to drive innovation securely.

Nearly all organizations worldwide are struggling to leverage AI for efficiency and productivity while at the same time protecting sensitive information from disclosure. This panel, featuring privacy and security specialists, will explore the steps that all organizations need to take to set up a sustainable and viable AI governance process. This will help cultivate an environment that can utilize the power of AI responsibly while also adhering to patient privacy requirements.

It has now been just over three full years since the shared services approach to cyber security maturity at hospitals in Ontario was launched. The Local Delivery Group (LDG) model has moved from a pilot to a fully operational model with formal governance and oversight. In this discussion, several LDG leads will discuss what has worked for them, their approach to offering services to their members, plans for this fiscal year and beyond and any desired changes to the model.

This keynote, presented by Fortinet, will highlight some of the benefits and use cases of healthcare organizations who have transitioned to a full zero trust model. The steps to achieve the model and practical advice on where to start will be presented.

Recently, several hospitals within Ontario have transitioned to new HIS. This major clinical transformation introduces a new element of risk as most vital patient information will be stored in this system. This is an opportunity to learn from three organizations who have recently migrated to a new HIS. They will discuss what steps they took from a cyber security perspective to ensure that security and privacy were baked into the system from the start.

The proliferation of medical devices from pumps, to patient monitors to diagnostic imaging devices is growing exponentially. These devices pose unique risks as they cannot be managed in the same was a traditional endpoint workstations; however, they are critical to patient care delivery. Learn from three organizations who are at different stages of their journey to identifying, classifying and securing medical as well as building and other IOT devices.

Discussion of network security including DNS based attacks and attack surface management