Agenda

________________

 

Get UpdatesRegister

Day 1

Tuesday, June 13, 2023

All times below are Eastern Time
}

08:30AM – 09:15AM

In Person

Registration & Networking Continental Breakfast

}

08:45AM – 09:15AM

Online

Log In – Online Attendees

09:15 AM

}

09:15AM – 09:30AM

v

Opening

Opening Remarks from the Chairs

Brendan Kwolek
Chief Information & Digital Officer, Halton Healthcare

Kashif Parvaiz
Chief Information Security Officer, University Health Network

09:30 AM

}

09:30AM – 10:15AM

Session 1

Case Study: The Hospital for Sick Children – Lessons Learned in Responding to a Cyber and Ransomware Attack

Expand/collapse session description...

Healthcare organisations are seeing more cyber attacks, many of which also include ransomware attacks.

The Hospital for Sick Children (SickKids) recently dealt with a major cybersecurity incident (Code Grey) that began at 9:30 p.m. on Sunday, December 18.

It was a serious and difficult situation, particularly under the threat of ransomware, with staff working quickly to bring all impacted systems back online as quickly as possible by implementing back up procedures for systems.

Key Session Takeaways Include:

  • How did SickKids prepare for cyber attacks ahead of time, to mitigate the protection impacts on care and patient data
  • How did continuity of care continue as systems went offline
  • What unique aspects of a ransomware attack needed to be addressed
  • What responses were taken, when were they taken, and is there anything they would do differently?

Nimira Dhalwani
Chief Technology Officer, The Hospital for Sick Children

10:15 AM

}

10:15AM – 11:00AM

Session 2

Planning for “Code Grey”: Securing Canada’s Healthcare Sector

Moderated by: Keith Jonah, Cyber Services Leader, ISA Cybersecurity

Expand/collapse session description...

Unprecedented levels of sophisticated cyber attacks are being launched daily against the healthcare sector. Sophisticated crime gangs and state-sponsored disrupters have healthcare facilities in the crosshairs, creating chaos with phishing campaigns and ransomware attacks.

Join this must-see session with thought leaders and decision-makers in the healthcare sector to learn about the cyber threats plaguing our healthcare system.

Key Session Takeaways Include:

  • Gain an understanding of why protecting healthcare presents unique challenges
  • Understand which threats are most concerning
  • Gather practical advice on how you can help protect the healthcare industry from cyber threats, even in today’s challenging environment

Jeff Curtis
Chief Privacy Officer, Sunnybrook Health Sciences Centre 

Kajeevan Rajanayagam
Cyber Security Manager, University Health Network (UHN)

Adam Kohler
Director, Systems Engineering, Forescout

11:00 AM

}

11:00AM – 11:30AM

Break

Morning Break

11:30 AM

}

11:30AM – 12:15PM

Session 3

Staffing Challenges: Recruiting, Retaining, and Mentoring Staff in Today’s Complex Job Market

Expand/collapse session description...

Although most public and media attention has been directed toward the crisis of finding nurses and doctors, it is equally challenging to meeting staffing requirements in Cybersecurity. Healthcare organizations are in a particularly challenging situation in that they are competing against each other, but also the private market.

With emerging literature and data we are finding the role of CSIO becoming increasingly stressful. From being on call 24/7 to the high stakes decision making taking place many times a day, it takes a specific type of person to excel in this role.

Key Session Takeaways Include:

  • What is the current landscape for cyber employment, and tech in general
  • What impact does public sentiment play when attitudes for the healthcare system is negative
  • How can organizations create excitement for the role, appeal to values and purpose, and provide tangible mentorship and career advancement opportunities
  • How should we focus on the individual during incidences, particularly concerning health and welfare during a period of stress with a heavy workload
  • What is the data showing us? What has been staff feedback?

Brendan Kwolek
Chief Information & Digital Officer, Halton Healthcare

12:30 PM

}

12:30PM – 01:15PM

Break

Networking Lunch

01:15 PM

}

01:15PM – 02:00PM

Session 4

Exploring a Zero Trust Architecture in the Healthcare Industry: How to Get Started and Pitfalls to Avoid

Expand/collapse session description...

Digital transformation is in full swing for rural and northern health teams, but the security those systems require must also be factored in. There has also been an explosion of hyper-connected IT, IoT (Internet of Things) and IoMT (Internet of Medical Things) devices and, with it, a greatly expanded cyber-attack surface.

With constant transformation and the explosion of interconnected devices, how do you even begin to plan for a zero-trust architecture beyond the managed users and workstations?

Key Session Takeaways Include:

  • What is Zero Trust and how do you get there
  • Some of the common pitfalls to avoid
  • Why Zero Trust doesn’t stop at managed users and workstations – IoMT devices must be included in the architecture planning up-front

02:00 PM

}

02:00PM – 02:45PM

Session 5

Ontario Health – Minimize Threats, Maximize Recovery: Scaling Cyber Security Capabilities Across the Healthcare Sector

Expand/collapse session description...

The healthcare sector remains a prime target for cybercriminals. To strengthen the healthcare sector’s cyber resilience and security posture, Ontario Health established a Provincial Cyber Security Model that allows the sector to enhance the protection of patient information and help mitigate operational service disruptions while safeguarding the province’s digital health assets.

During this session, Ontario Health will further elaborate on the evolution of the model, including its incident response notification guidance and how the next phase will better strengthen the cyber capabilities of health service providers and contribute to a more resilient digital health system in Ontario.

Key Session Takeaways

  • Critical shifts to Ontario Health’s Provincial Cyber Security Model
  • Importance of information sharing at scale across the healthcare sector
  • Operational next steps for the acute sector

Lyndon Dubeau
VP, Innovations, Connected Health, Ontario Health

02:45 PM

}

02:45PM – 03:15PM

Break

Afternoon Break

03:15 PM

}

03:15PM – 04:00PM

Session 6

Leadership in Cybersecurity Panel: Where are Leaders Focusing Their Attention and What Threats are They Anticipating in the Future

Moderated by: Kashif Parvaiz, Chief Information Security Officer, University Health Network

Expand/collapse session description...

Cybersecurity threats appear quickly and are becoming more innovative and hostile. This presents an ever present threat to hospital operations and patient safety.

Join in the discussion as our panel of cybersecurity leaders discuss some of their thoughts on where we are and were we need to be in the world of cybersecurity defence.

Key Session Takeaways Include:

  • What’s next in terms of cyber threats to hospital operations
  • What are they currently working on
  • How should hospitals prepare and respond, whether big or large
  • What do they want to be focusing on
  • Educating and preparing the board
  • What are the KPIs from the board perspective – building standardization

Dennis Young
Director IT, CISO, North York General Hospital

Mark Watmough
Director of Digital Operations, VHA Home HealthCare

Sam Fielding
Chief Information Officer, Southlake Regional Health Centre

Penny Longman
Director, Information Security & Data Stewardship, Fraser Health

04:00 PM

}

04:00PM – 04:10PM

v

Closing

Closing Remarks from the Chairs

Brendan Kwolek
Chief Information & Digital Officer, Halton Healthcare

Kashif Parvaiz
Chief Information Security Officer, University Health Network

04:15 PM

}

04:15PM – 05:00PM

In Person

Networking Reception

Day 2

Wednesday, June 14, 2023

All times below are Eastern Time
}

08:15AM – 09:15AM

In Person

Registration & Networking Continental Breakfast

}

08:45AM – 09:15AM

Online

Log In – Online Attendees

09:15 AM

}

09:15AM – 09:30AM

v

Opening

Opening Remarks from the Chairs

Brendan Kwolek
Chief Information & Digital Officer, Halton Healthcare

Kashif Parvaiz
Chief Information Security Officer, University Health Network

09:30 AM

}

09:30AM – 10:15AM

Session 7

New Data Governance and Cyber Resiliency Standards for Healthcare

Expand/collapse session description...

Healthcare organizations are targets of cyber attacks including, social engineering attacks, ransomware attacks, and data exfiltration. Establishing standardized baseline cybersecurity controls at each healthcare organization is becoming more vital to the protection of patient data, and care.

With this in mind, with the support of Public Safety Canada and HealthCare CAN, the Digital Governance Standards Institute is developing a standard to support cyber resilience in the healthcare system. What will the standard look like, and what do you need to know going forward?

Key Session Takeaways Include:

  • What should be the minimum requirements for cyber security in healthcare organizations
  • How can we establish standards across different provinces, and organizational sizes
  • What should best practices look like
  • What are the next steps and how can you provide input

Darryl Kingston
Executive Director, Digital Governance Standards Institute, Digital Governance Council

Jonathan Mitchell
Vice-President, Research and Policy, HealthCareCAN

10:15 AM

}

10:15AM – 11:00AM

Session 8

Reducing Cyber Risk in Healthcare

Expand/collapse session description...

Healthcare remains one of the biggest targets for cyberattacks globally. Healthcare data is comprehensive and provides all of the materials cyber criminals need for their nefarious purposes. Moreover, the use of IoT/OT devices and shared workstations mean that healthcare IT is susceptible to threats, including ransomware and data breaches.

New data extracted from the HHS/OCR data breach portal shows us that in 2022 there were 546 major data breaches due to Hacking/IT, which reflects a 4 percent increase over the 521 major data breaches due to Hacking/IT in 2021. These data breaches in 2022 included the sensitive and private healthcare records of over 43 million people.

Join this session to learn how to:

  • Detect threats in healthcare networks early in the kill chain
  • Protect standard and non-standard devices such as OT/IoT anywhere
  • Improve SecOps efficiency with unparalleled visibility and automation

Anthony James
Vice President, Product Marketing, Infloblox

11:00 AM

}

11:00AM – 11:30AM

Break

Morning Break

11:30 AM

}

11:30AM – 12:15PM

Session 9

Canadian Cyber Threat Exchange (CCTX) – The Year in Review: An Inside Look at the Incidents, Notable Hackers, System Vulnerabilities, and Outcomes Over the Past Year

Expand/collapse session description...

Every year there are Global cyber incidents in healthcare settings that seem improbable, and many others that seem clever. Despite our best efforts, hackers somehow manage to get through. What trends are we seeing, and what can we learn from these breaches?

Key Session Takeaways Include:

  • What vulnerabilities are being exploited most, and how can we reverse this?
  • Which codes are being deployed, and by whom? What emerging threats are we seeing?
  • What incidents are being defeated, and how?

Jennifer J. Quaid
Executive Director, Canadian Cyber Threat Exchange (CCTX)

12:15 PM

}

12:15PM – 01:15PM

Break

Networking Lunch

01:15 PM

}

01:15PM – 02:00PM

Session 10

Session to be announced

Expand/collapse session description...

Session description coming soon…

02:00 PM

}

02:00PM – 02:30PM

Break

Afternoon Break

02:30 PM

}

02:30PM – 03:15PM

Session 11A

Incident Response Protocols and Other Legal Concerns

Expand/collapse session description...

For anyone tasked with cybersecurity, it is not a question of if an attack or breach will occur, but when. This requires a deliberate, careful and process -driven plan to deflect and recover from an attack.

Key Session Takeaways Include:

  • The practical realities of handling an incident response
  • Your legal and practical obligations during an incident
  • Important steps you need to take for a data breach, including ransomware
}

02:30PM – 03:15PM

Session 11B

CIO Roundtable

Moderated by: Brendan Kwolek, Chief Information & Digital Officer, Halton Healthcare

Expand/collapse session description...

The challenges unique to the CIO role necessitates some information sharing and lessons learned; yet, it is imperative to be vigilant against divulging your strengths, vulnerabilities and areas of focus.

In this closed-door CIOs only session, you will be free to gather with your peers to exchange ideas, strategies, findings, and other areas of concern in private.

03:15 PM

}

03:15PM – 04:00PM

Session 12

Where Do We Go From Here? And How Do We Get There? A Practical Plan For This Year & Beyond

Moderated By: Mohammad Waqas, Principal Solutions Architect, Global Healthcare, Armis

Expand/collapse session description...

Drawing upon the discussions we have heard over the last couple of days, this fireside chat will highlight the most salient solutions to the challenges we are all facing.

Through a unique question and answer session we will build out how we as a collective can best proceed to protect our systems, be more resilient to cyber incidents – and ultimately ensure patient care services are maintained.

Kashif Parvaiz
Chief Information Security Officer, University Health Network

04:00 PM

}

04:00PM – 04:10PM

v

Closing

Closing Remarks from the Chairs

Brendan Kwolek
Chief Information & Digital Officer, Halton Healthcare

Kashif Parvaiz
Chief Information Security Officer, University Health Network

Join Our Mailing List

Receive news on relevant upcoming conferences and Early Bird deals.