On November 19, the Institute for Critical Infrastructure Technology conducted a briefing at the U.S. Senate entitled “Hacking Hospitals” to address the growing threats facing healthcare organizations. During this briefing, senior Senate staffers and attendees from agencies including the Departments of Veterans Affairs, State, Homeland Security, Health and Human Services and the Intelligence Community convened to gain clarity on today’s expanding attack surface as well as discuss technologies to improve security. Key takeaways from the briefing include:

  • The importance of stakeholder collaboration to improve cybersecurity in healthcare including participation by device manufacturers, cybersecurity providers, healthcare organizations, academia, government and non-profits
  • The growing “cyber-physical” domain and the growing risk to the physical safety of patients due to unsecured medical devices
  •  Technologies and solutions to reduce cyber incidents including behavioral analytics, credential and access management, machine learning, basic cybersecurity hygiene and employee training.

Sessions and speakers at the meeting included:

The Medical Device Ecosystem: Understanding & Managing today’s Threats

  • Jerry Davis, ICIT Fellow & CIO, NASA Ames Research Center
  • Kevin Stine, Manager, Information Technology Laboratory (Security Outreach and Integration), NIST
  • Elisabeth George, ICIT Fellow & V.P. Global Regulations & Standards, Philips
  • Jon Miller, ICIT Fellow & V.P Strategy, Cylance
  • Parham Eftekhari, Co-Founder & Sr. Fellow, ICIT (moderator)

Health Sector Resiliency: Emerging Cyber-threats and Strategies to Mitigate Risk

  • Steve Curren, Acting Director, Division of Resilience, HHS
  • Greg Cranley, ICIT Fellow Sr. Director of Federal, Centrify
  • Stewart Draper, ICIT Fellow & Director of Insider Threats, Securonix
  • Stacey Winn, ICIT Fellow & Sr. Product Manager, Raytheon / Websense (moderator)

Click here to view photos from this event.