mlns='http://www.w3.org/1999/xhtml'>
Register now for free Black Hat Webcast, February 11 at 11am
PLEASE JOIN US FOR THE NEXT INSTALLMENT IN THE BLACK HAT WEBCAST SERIES |
|
|
|
Healthscare – An Insider's Biopsy of Healthcare Application Security |
|
|
|
Thursday, February 11, 2021 11:00AM - 12:00PM PDT // 60 MINUTES, INCLUDING Q&A | Healthcare security teams are in a tough spot. While the provider industry is taking security seriously, they are at the mercy of the software vendors who provide the healthcare organizations with the data delivery, processing and storage solutions that are critical to delivering patient care and keeping patient data secure. Given the reliance on these systems, it begs the question – how secure are these solutions? Seth Fogie has spent the last 10+ years in the trenches of the healthcare industry and has seen the good, bad and ugly of what is being provided to your providers. As an insider, Seth has experienced the unique tension healthcare security teams face as they work to securely implement these solutions and will share some of what has been found. The core of this presentation will focus on vulnerabilities and design issues within healthcare solutions. As we will illustrate through the dissection of numerous clinical focused systems, including radiology reading, EMR downtime, patient entertainment, pharmacy distribution, nurse communication, M&A EMR, clinical documentation and temperature monitoring systems, the prognosis doesn’t look good. Unfortunately, it is our experience that there are few solutions within the hospital enterprise that do not have issues. The goal for this public 'biopsy'? The healthcare security community needs help increasing the pressure to ensure all of our data is safe from poorly designed and developed vendor solutions. While we can't play the name and shame game for a number of reasons, we want to increase awareness through numerous technical illustrations and ask for your help in increasing scrutiny on all healthcare solutions. This isn't just an application security problem – it is all our healthcare data at risk and this audience is positioned in a unique spot to help. | |
|
|
| |
|
|
|
Seth Fogie Seth Fogie serves as the Information Security Director at Penn Medicine where he is a member of the leadership team helping to build and maintain a world class security program for the enterprise. In Seth's 20 + years of experience in the field of security, he has also led a security software development company, served as CTO for a development firm focused on the creation of educational environments for hands-on security exercises, and has authored numerous books/articles on information security related subjects. In addition to Seth's current role at Penn Medicine, he also enjoys opportunities to perform security research and testing, helping numerous healthcare vendors remediate and correct security deficiencies, making the healthcare industry safer for all! |
|
|
|
Guy Raz Guy Raz is a Sr. Systems Engineer at ExtraHop with previous experience as a Network Engineer and Solution Architect. In his role, Guy has developed a deep understanding of the challenges to meet the security, network and compliance requirements that are unique to healthcare organizations. Before joining the Systems Engineer team, Guy was one of the ExtraHop Solution Architects, responsible for conducting deep technical and business discovery sessions, assisting in troubleshooting and problem resolution during war-room and security/network investigations and developing strategies for acquiring high-value data from the wire; requiring in-depth technical understanding of L2-L7 networking principles. |
|
|
|
| Upcoming Black Hat Events |
|
|
|
|