This event has passed.

SI 2021 CISO Virtual Summit – Strategic Security: Facing Off Against Threats

Name: SI 2021 CISO Virtual Summit – Strategic Security: Facing Off Against Threats
Start: 2021-12-07T10:00:00-06:00
End: 2021-12-07T13:30:00-06:00

December 7, 2021, 10:00 am - 1:30 pm CST

At its recent CISO Virtual Summit, sponsored by Deloitte on December 7, 2021, the Scottsdale Institute
convened 18 Members from 18 organizations to discuss strategy options in environments where
breaches and bad actors continually threaten security. By constructing effective threat intelligence,
enabling security and privacy in today’s ecosystems and studying ransomware playbooks and practice,
these professionals shared their tips, tricks, lessons learned and goals for more protected and proactive
security.

For more information and resources, see our CISO Affinity Group page.

[td_block_text_with_title custom_title=”Attendees”]

Bryan McDowell

VP and Chief Security Officer, University Hospitals

Bryan McDowell is a Vice President, Chief Security Officer at University Hospitals in Cleveland, Ohio. McDowell joined University Hospitals in February 2014 after serving in a number of roles, most recently as Associate Information Security Officer, for Stanford Heath Care...

Christie Polley

CISO, Northern Light Health

CISO, Northern Light Health See LinkedIn Polley [pt_view id="7702e5caft"]

Erik Decker

VP and CISO, Intermountain Healthcare

Erik Decker is the Vice President and Chief Information Security Officer for Intermountain Health, a multi-state integrated delivery network based in Salt Lake City, Utah. Erik has 24 years of experience within Information Technology, with 17 years focused on Information...

George Carion

CTO, Cedars-Sinai Health

CTO, Cedars-Sinai Health See LinkedIn Carion [pt_view id="57e6081x1l"]

Jeff Bontsas, CISSP, CHISL

VP, Information Security and CISO, Ascension

VP, Information Security and CISO, Ascension See LinkedIn Bontsas [pt_view id="25abd0241z"]

Michael Czumak, III

VP and CISO, Memorial Sloan Kettering Cancer Center

VP and CISO at Memorial Sloan Kettering Cancer Center I have over 11 years experience in IT and Information Security. My primary role is developing and leading an application security and penetration testing program, performing hands-on testing of a variety...

Patrick C. Voon, CISSP, CISA, CGEIT, CIPM, PCIP

Executive Director, IS Security and CISO, Loma Linda University Health

Patrick Voon has been in IT for over 34 years, with 27 of those years in Information Security. He started his Information Security career at Kaiser Permanente in the Pacific NW and has been in professional cybersecurity consulting services for...

Pavel Slavin

VP and CISO, Froedtert & Medical College of Wisconsin

Pavel Slavin, vice president and chief information security officer for Froedtert Health, oversees the enterprise security/cybersecurity strategy to protect the health system’s information assets. With the health care sector increasingly the target of cyber threats, innovative cybersecurity technology helps the...

Robert Perry

CISO, Carilion Clinic

CISO, Carilion Clinic See LinkedIn Perry [pt_view id="1eae276lae"]

Ron Yeager

VP Information Security and CISO, HonorHealth

VP Information Security and CISO, HonorHealth See LinkedIn Yeager [pt_view id="bee4d11zsv"]

Scott D. Dresen, MBA, FACHE, FHIMSS, CISSP, CISM

SVP, Information Security & CISO, Corewell Health

Scott D. Dresen, MBA, FACHE, FHIMSS, CISSP, CISM is the chief information security officer of Corewell Health—formed by the coming together of Beaumont Health and Spectrum Health in 2022. As the chief information security officer, Scott is accountable as the...

Thien Lam

VP and CISO, BayCare Health System

Mr. Lam joined BayCare in 2011. Mr. Lam brings strong focus on the strategic implementation of the organization’s vision for robust protection via BayCare's information security program which includes IT risk, business resiliency and PCI compliance. He is an avid speaker...

Tina Basch

VP and CISO, Baystate Health

VP and CISO, Baystate Health See LinkedIn Basch [pt_view id="8451464dtg"]

Vugar Zeynalov

CISO, Cleveland Clinic

Vugar Zeynalov is the Chief Information Security Officer for the Cleveland Clinic Health System. The Cleveland Clinic is a nonprofit 5,500+ physician multi-specialty group practice with a 22-hospital system network across northeast Ohio, Florida, and Nevada. The organization has over...

Not pictured: Matt Heign, VP & CTO & Interim CISO, UW Health[/td_block_text_with_title][td_block_text_with_title custom_title=”Speakers”]

David Mahon

Global CISO, Deloitte

Dave Mahon is a C-level Executive, strategist, and cybersecurity thought leader recognized for approaching global risk with a cyber lens. Most recently, as the Global Chief Information Security Officer (CISO) of Deloitte Touche Tohmatsu Limited, Dave designed and implemented the...

Jason Elrod

CISO, MultiCare Health System

CISO, MultiCare Health System See LinkedIn Elrod [pt_view id="45d924fmla"]

Jigar Kadakia

VP and Chief Information Security and Privacy Officer, Mass General Brigham

Jigar Kadakia has served as Vice-President and Chief Information Security and Privacy Officer for Mass General Brigham since 2014. Mr. Kadakia comes to his role having spent more than 20 years in consulting delivering, developing and managing privacy and cyber...

Raj Mehta

Partner, Deloitte

Summary Raj is a Partner with Deloitte Advisory’s Cyber Risk Services. Raj currently leads the Cyber Security Practice within the Healthcare Provider space across the US. Raj has over twenty-three (23) years of experience in the field of information governance,...

Sanjeev Sah

VP and CISO, Centura Health

Sanjeev Sah serves as VP, Chief Information Security Officer at Centura Health and leads the enterprise-wide Information Security Program. Sanjeev has previously served in various IT leadership roles including as the Head of Technology at Unum, as Chief Technology Officer...

Will Hatcher

Director of Enterprise Security - Cyber Fusion Center, Trinity Health

Director of Enterprise Security - Cyber Fusion Center, Trinity Health See LinkedIn Hatcher [pt_view id="ca897c8loe"]

[/td_block_text_with_title]

Member Learning Objectives:

Managed Security Services and what others are doing

Evolving hacking/threat techniques and counter actions/protections

Sharing and learning how to improve organizations security posture

Practical people, process and technology capabilities that others have implemented to effectively address cyber threats

Collaboration and Networking with my peers and learning what challenges other CISOs are having

Updated industry knowledge in security, what others are doing in multiple areas

Presentations:

Security of Cloud-enabled Transformation – Raj Mehta, Partner, Deloitte
Effective Threat Intelligence – Jason Elrod, CISO, MultiCare
Defend Against Ransomware – Will Hatcher, Cyber Fusion Center Director, Trinity Health

Agenda

10 - 10:40 am	Welcome - Janet Guptill, President and CEO, Scottsdale Institute Overview of Summit - Raj Mehta, Partner, Deloitte Healthcare Trends and Hot Topics Discussion Hosts: Deloitte - Raj Mehta and David Mahon, Global CISO The intent of this discussion will be to provide a perspective on where we are seeing various organizations focus their efforts as part of their cyber security strategy, and how this is leading to supporting the future of health and future of cyber. This will also help setup context for the next sessions. Group Discussion and Q&A
10:40 - 10:45 am	Five-minute Break and Polling
10:45 - 11:25 am	Effective Threat Intelligence Discussion Host: MultiCare - Jason Elrod, CISO Questions to consider: Data sources (internal and external) (FBI, CHIME, H-ISAC, Other government agencies, etc.) Tuning out the noise Staffing, Skills, Outsourcing, Lessons Learned Incident Response process and Playbooks Group Discussion and Q&A
11:25 - 11:30 am	Five-minute Break and Polling
11:30 am - 12:10 pm	Enabling Security & Privacy in an Ecosystem Discussion Hosts: Mass General Brigham - Jigar Kadakia, Chief Information Security and Privacy Officer Centura - Sanjeev Sah, CISO Questions to consider: Third party, Supply Chain, Payer – assessments Cloud provider assessments Data analytics, AI Group Discussion and Q&A
12:10 - 12:15 pm	Five-minute Break and Polling
12:15 - 1:15 pm	Ransomware Playbooks and Practice Discussion Host: Trinity Health - Will Hatcher, Director of Enterprise Security - Cyber Fusion Center Questions to consider: Notify government agencies (crime scene) Negotiation (pay ransom or not pay ransom, timing, amount, avoid funding terrorism) Recovering after an attack Avoiding future attacks Tabletops exercises Ransomware external supports and retainers (Mandiant, Verizon, others) Group Discussion and Q&A
1:15 - 1:30 pm	Wrap Up Best Takeaways Next Steps

Bryan McDowell Christie Polley Erik Decker George Carion Jeff Bontsas Michael Czumak Mike Czumak Patrick C. Voon Patrick Voon Pavel Slavin Robert Perry Ron Yeager Scott D. Dresen Scott Dresen Thien Lam Tina Basch Vugar Zeynalov Matt Heign David Mahon Dave Mahon Jason Elrod Jigar Kadakia Raj Mehta Sanjeev Sah Will Hatcher