Building a medical device cybersecurity program
MedSec – Stephanie Domas
Every healthcare provider has its own unique set of business objectives, compliance requirements, policies, procedures, and technology solutions. As a result, it also has its own unique set of threats, vulnerabilities, and risks.
Traditional approaches to Cyber Risk Management, including one-size-fits-all checklist assessments, spreadsheets, and paper-based systems, are proving insufficient in addressing the unique needs of organizations and often do not meet HIPAA compliance requirements. This presentation will discuss how, working in partnership with Clearwater, Vancouver Clinic has developed an efficient and effective program for analyzing cyber risk across its enterprise. Best practices, including methodologies and tools utilized, will be shared.
Stopping Targeted Ransomware Attacks
CISCO – Chris Riley
Ransomware attacks have evolved from Mass Distributed threat like Locky and Gandcrab to a more targeted attack model. Groups such as, Ryuk, Megacortex, SAMSAM, and LockerGoga have inflicted serious damage on government and private organizations throughout 2019. The goal of this session is to provide analysis of targeted ransomware attacks which use compromised credentials or info stealer malware for initial intrusion and use pentest tools like CobaltStrike and Powershell Empire for exploitation, lateral movement and privilege escalation. The session will recommend mitigations for hardening Active Directory and PowerShell to stop these attacks. The presentation will also cover best detection methods creating audit policies to monitor for account enumeration, mimikatz activity, elevation of privileges, detect lateral movement and creation of dummy accounts. The session will also recommend updates to business continuity strategies such as backup/recovery strategy, cyber insurance and IR retainers.
Defining Today’s Hacker
CISCO – Chris Riley
The hackers of today work in an eco-system where all kinds of enterprise hacking tools, target lists, exploits, database dumps, FUD services, RaaS, MaaS, Cashout services, bullet proof hosters, botnets for hire, spam botnets, Pay-per-install services, etc. are available on dark marketplaces to empower and support ongoing modern day criminal activity. Hackers have a different set of skills now. They do it for the money, not for the fame. This presentation would describe the need for diversification of security defenses in light of the new risks and threats from today’s attacker.
HC3 Threat Briefing
HC3 – Troy Adams and Mark Billinger
More details to be provided.
Additional (Awaiting information)
IWorksTech – Caston Thomas
CISA – Rick Lichtenfels