« All Events

  • This event has passed.

SI 2019 CISO Summit – Cybersecurity Impact of Cloud/Virtual/Mobility

October 24, 2019 - October 25, 2019

The 2019 SI CISO Summit sponsored by Deloitte was held October 24 & 25. Co-hosts CHRISTUS VP and CISO Fernando Blanco and BayCare VP and CISO Thien Lam welcomed 21 chief cybersecurity officers and other healthcare IT security executives from across the country to the CISO Summit convened at the Hyatt Regency on the beautiful San Antonio River Walk.

Deloitte’s Raj Mehta kicked off the two-day meeting with a “Cyber Breakout Room” exercise that used an escape-room type game to foster deeper security awareness. Participants were dared to solve seven challenges within 20 minutes focused around unlocking a laptop infected with ransomware.  Seven security executive volunteers did it in eight minutes, breaking the previous Deloitte record of 11 minutes!  The world record-setting game participants included Ron Mehring, Michael Erickson, Alex Ludwinek, Mike Czumak III, Tom August, Preston Jennings and Scott Dresen.

 

To wrap up the afternoon session, the group tackled “Next-Generation Cybersecurity: Trends and Issues,” exploring the challenges and complexities in the context of healthcare trends such as consumerism, interoperable data and the cloud. Discussion focused on the characteristics of healthcare transformation in the context of:

  1. Agility;
  2. Increasing complexity of eco-system & alliances;
  3. Explosion of connected devices, wearables, IoT & medical devices;
  4. User-friendliness of cyber-risk prevention tactics;
  5. Digital privacy in an era of data sharing; and
  6. Artificial intelligence-related cyber-risk management considerations.

 

"It's All About the Data" chart
“It’s all about data” Click to see full-size.

 

On Day 2, CHRISTUS’ Fernando Blanco introduced case study presentations focused on next-level technical architecture:

  • Memorial Sloan Kettering Cancer Center’s AWS Hybrid Cloud Architecture Design, presented by Mike Czumak, VP & CISO, MSKCC
  • Cloud Security and O365, presented by Preston Jennings, EVP Information Security & CISO, Trinity Health

On cloud, virtual and remote monitoring:

  • Texas Health Resource’s Continuous Monitoring, Event Triage & Reporting, presented by Ron Mehring, VP Technology and Security & CISO, THR
  • Trinity’s Threat Intelligence Investments/Results, presented by Preston Jennings, CISO, Trinity Health

On board and executive management reporting:

  • Strategic Business Risk/Cyber Controls, presented by Tom August, VP & CISO, John Muir Health
  • Offshore Exception Tracking/Reporting, presented by Fernando Blanco, CHRISTUS Health

On future business-model infrastructure:

  • Business Model Evolution, presented by Mike Gomez, VP & CISO, Bon Secours Mercy Health
  • Workforce of the Future, presented by Michael Erickson, CISO, Baptist Health

 

Fernando Blanco, Thien Lam, and SI Executive Director Janet Guptill wrapped up the 2019 SI CISO Summit by summarizing the sessions, placing them in the context of the ongoing healthcare cybersecurity conversation nationally and globally, and then inviting everyone to the 2020 SI CISO Summit to be hosted by Baptist Health in Louisville in May 2020.

 

Thomas August

Thomas August

VP and CISO, John Muir Health

Vice President and Chief Information Security Officer | John Muir Health Tom August (CISSP, CPHIMS) is an award-winning CISO and respected industry leader with over 25 years of experience in Information Security, IT Auditing and Risk Management.   Tom has made...
Fernando Blanco

Fernando Blanco

VP and CISO, CHRISTUS Health

Fernando Blanco is Vice President and Chief Information Security Officer at CHRISTUS Health, one of the nation’s largest Catholic healthcare delivery system.  He is responsible for the Cybersecurity program supporting CHRISTUS Health’s delivery network across four states, in four countries...
Chris Convey

Chris Convey

VP and CISO, Sharp HealthCare

VP and CISO at Sharp HealthCare Chris has extensive leadership experience in information and technology risk, cyber security, IT operations and cloud technologies.  Before his current role at Sharp, Chris was CIO and CISO at Millennium Health where he led...
Michael Czumak

Michael Czumak, III

VP and CISO, Memorial Sloan Kettering Cancer Center

VP and CISO at Memorial Sloan Kettering Cancer Center I have over 11 years experience in IT and Information Security. My primary role is developing and leading an application security and penetration testing program, performing hands-on testing of a variety...
Scott D. Dresen, MBA, FACHE, FHIMSS

Scott D. Dresen, MBA, FACHE, FHIMSS, CISSP, CISM

SVP, Information Security & CISO, Corewell Health

Scott D. Dresen, MBA, FACHE, FHIMSS, CISSP, CISM is the chief information security officer of Corewell Health—formed by the coming together of Beaumont Health and Spectrum Health in 2022. As the chief information security officer, Scott is accountable as the...

Michael Erickson, MBA

CISO, Baptist Health

Michael Erickson is chief information security officer (CISO) for Baptist Health. In this role, which he has held since Nov. 1, 2016, he works in collaboration with the system’s clinical, information technology and compliance departments, serving as a member of...
Michael Gomez

Michael Gomez

VP and CISO, Bon Secours Mercy Health

VP, Chief Information Security Officer | Bon Secours Mercy Health Michael Gomez is VP, CISO for Bon Secours Mercy Health. In this role, he is responsible for technical security control environment and risk oversight across 7 states, 43 hospitals, 1,000 points...

Todd Greene

VP and Enterprise CISO, Atrium Health

Todd is the Vice President & Enterprise CISO for Atrium Health, which now includes Wake Forest Baptist Health.  Todd has been with Atrium Health for more than 21 years and started his career as a member of the server team...
Kevin Hamel

Kevin Hamel, CISM

VP IT Ops & Technical Platforms & CISO, Hartford HealthCare

Kevin has nearly 25 years of experience and proven leadership in cybersecurity and IT management in the financial and healthcare sectors.  Prior to joining Baystate Health, Kevin was the Chief Information Security Officer for COCC, a managed IT services provider...
hamel
Jim Hanson

James L. Hanson

Regional Information Security Officer, Avera Health

Regional Information Security Officer | Avera James L. Hanson (Jim) has over 30 years of senior management experience in the healthcare, insurance and financial services sectors.  His career has spanned organizations from Fortune 500 companies to information security start-ups.  In...

Todd Hill

Director, Information Security & Deputy CISO, Baptist Health

Todd Hill is a member of Baptist Health’s cyber security leadership team.  He is responsible for the implementation and management of Baptist’s enterprise security architecture, threat detection & response, and vulnerability management capabilities. Hill joined Baptist in March 2015 as...
Preston Jennings, VP, Information Security and CISO for Trinity Health

Preston Jennings

EVP, Information Security and CISO, Trinity Health

Preston Jennings is the EVP, Information Security and Chief Information Security Officer for Trinity Health, a $16.3 B healthcare provider with 120,000 employees, operating in 22 states. Preston joined Trinity Health in 2016 from PricewaterhouseCoopers, where he was the CISO...
Thien Lam, VP and CISO, BayCare Health System

Thien Lam

VP and CISO, BayCare Health System

Mr. Lam joined BayCare in 2011. Mr. Lam brings strong focus on the strategic implementation of the organization’s vision for robust protection via BayCare's information security program which includes IT risk, business resiliency and PCI compliance. He is an avid speaker...
Mark Lantzy

Mark Lantzy

CIO, IU Health

SVP & CIO, Indiana University Health President, IU Health Plans Mark Lantzy is the senior vice president and chief information officer at Indiana University Health, Indiana’s leading healthcare system. He is responsible for overseeing information services, including strategic planning, operations...
Alex Ludwinek

Alex Ludwinek

Director of Cyber Risk Management and IAM, Memorial Hermann Health System

Alex Ludwinek is the Director of Cyber Risk Management and IAM at Memorial Hermann Health System. In this role Alex leads governance, risk and compliance efforts along with the automated management of user accounts and access. Prior to his current...
Kathryn McClellan, CHCIO

Kathryn McClellan, CHCIO

SVP and CIO, Froedtert Health Inc.

An outstanding senior level executive with over 20 years' experience in nursing, healthcare operations and information technology that spans the provider, vendor and consulting sectors. She has vast experience in operations management, strategic planning, process redesign, information system design/implementation and...
Ron Mehring MBA, CISSP

Ron Mehring MBA, CISSP

CISO, VP of Technology & Security, Texas Health Resources

Ron Mehring serves as the Chief Information Security Officer and Vice President of Technology & Security for Texas Health Resources, one of the largest faith-based, nonprofit health care delivery systems in the United States. The system's primary service area includes...
Brad Sanford

Brad Sanford

CISO, Emory University, Emory Healthcare

Chief Information Security Officer | Emory University and Emory Healthcare Brad Sanford currently serves as the Chief Information Security Officer for Emory University where he has overarching information security responsibilities for both Emory University and Emory Healthcare.  Brad has over 25...

Pavel Slavin

VP and CISO, Froedtert & Medical College of Wisconsin

Pavel Slavin, vice president and chief information security officer for Froedtert Health, oversees the enterprise security/cybersecurity strategy to protect the health system’s information assets. With the health care sector increasingly the target of cyber threats, innovative cybersecurity technology helps the...
Paul VanAmerongen

Paul VanAmerongen

VP and CISO, UW Health

Paul VanAmerongen joined UW Health as Vice President and Chief Information Security Officer in February 2017. In this role, Paul develops and leads the strategic vision for UW Health’s enterprise information security program. Prior to joining UW Health, Paul served...

Not pictured: Barry Beckett, VP and CISO, Houston Methodist[/td_block_text_with_title]

Raj Mehta

Raj Mehta

Partner, Deloitte

Summary Raj is a Partner with Deloitte Advisory’s Cyber Risk Services.  Raj currently leads the Cyber Security Practice within the Healthcare Provider space across the US. Raj has over twenty-three (23) years of experience in the field of information governance,...
Anant Sethi

Anant Sethi

Advisory Manager, Deloitte

Anant Sethi is a Manager with Deloitte Advisory’s Cyber Risk Services, specializing in the health care industry. He has more than 9 years of experience in designing and executing cyber security and governance initiatives. His expertise includes development and maintenance...

Not pictured: Anand Dedhia, Manager, Deloitte[/td_block_text_with_title]

Thomas August Fernando Blanco Chris Convey Michael Czumak Scott D. Dresen Scott Dresen Michael Erickson Michael Gomez Todd Greene Kevin Hamel James L. Hanson James Hanson Jim Hanson Todd Hill Preston Jennings Thien Lam Mark Lantzy Alex Ludwinek Kathryn McClellan Ron Mehring Brad Sanford Pavel Slavin Paul VanAmerongen Barry Beckett Raj Mehta Anant Sethi Anand Dedhia