Security and threats in healthcare

Sesjon om sikkerhet / Session on secutiry.

Moderator: Sverre Fossen, Norsk Helsenett


Managing Security and Threat Landscape in Healthcare

v/ Tim Erridge, Palo Alto Networks

The healthcare industry continues to be a top target for threat actors. As the industry rapidly adopts new and innovative medical technologies, exposure to cyberthreat increases, requiring a transformation in overall security strategy and deployment. Zero Trust (ZT) architecture is one crucial way to secure protected health information (PHI) and other sensitive data, applications, endpoints, connected medical devices, and systems.

In this presentation, you will learn the following:

  • Top 2023 cybersecurity trends in healthcare
  • Lessons learned from recent cybersecurity attacks on healthcare organizations
  • Best practices to manage and secure the evolving threat landscape (e.g. Zero trust architecture, end point security and increased attack surface management)

v/Luca Berni, Consulting Director in Unit42 by Palo Alto Networks


A structured approach to enable secure healthcare

v/Carl Sandaker, Cybersecurity Architect, Cisco

Less focus on technology is key to get more secure healthcare solutions.

Cisco will present how a comprehensive Security Architecture Framework can be used to structure a better process to develop and implement new solutions. The key message is: do not rush into purchasing or developing new technology before you have identified all relevant dependencies.

  1. What are the business objectives – what are you trying to achieve? Make it specific and measurable.
  2. What laws and regulations do you have to comply with?
  3. How do you manage and measure maturity, goals and progress?
  4. Identify risks and uncertainties – how is new technology introducing new risks?
  5. What controls – technology, process or organizational – will you employ to mitigate the identified risks?
  6. And finally, how do you ensure you have the operational capability and maturity to get value from your investments?

Invite your security and technology partners into the process at an early stage to discuss how to best develop a secure and compliant solution. Security and privacy must be built in, not bolted on.