global cyber security in healthcare pharma summit · global cyber security in healthcare &...

3-4 MAY 2018LONDON, UK

GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT

BLOCKCHAIN IN HEALTHCARE CONGRESS

www.global-engage .com

#CyberSecurityHealthSummit #BlockchainHealthCongress

WARM WELCOME

Global Engage is pleased to announce the Cyber Security in Healthcare & Pharma Summit and co-located Blockchain in Healthcare Congress, which will be taking place at the Radisson Blu Edwardian, Heathrow in London on 3-4 May 2018.

Cyber Security in Healthcare & Pharma SummitThe number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring together high-level representatives from around the globe to create a cyber security roadmap for the future. Attendees will come from all areas of cyber security for the healthcare, medical devices and pharmaceutical sectors. Experts will examine the cyber security landscape in these three industries, with particular focus on strategies for protection and incident response, as well as on business/regulatory considerations. Central to the aims of this event is facilitating collaboration and cooperation amongst the diverse stakeholders that will be in attendance.

Blockchain in Healthcare CongressBlockchain is the one of the most talked about technologies of 2017. With the potential exceeding any other to revolutionise the healthcare industry, it is crucial to first understand the nature of blockchain technology, to distinguish the hype from the reality and then to see real-world case studies of how blockchain can be, and is being, applied to healthcare systems. Over two days, the congress will address some of the most achievable possibilities of integrating blockchain within healthcare. Through a mixture of practical workshops, lectures and roundtable discussions specifically designed to help you get to grips with the technology, learn from those already benefitting from blockchain systems and overcome obstacles associated with integration, the congress will help you join the future of the healthcare industry. With enhanced networking sessions, an evening social and a buzzing exhibition room the Congress is one not to be missed!

GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018

+50 Presentationsfrom expert speakers

+7 Hoursof dedicated networking time

+15 Expert-ledroundtable discussions

Free Pre-Conference WorkshopLed by the NH-ISAC

2-4-12 Congresses, 1 Registration

INDUSTRIES

• Hospital & Healthcare Systems• Medical Devices• Pharmaceuticals• Health Insurance

CYBER SECURITY IN HEALTHCARE & PHARMA SYNOPSIS

BUSINESS & REGULATORY CONSIDERATIONS

• Integrating security into corporate strategy• Policy developments• GDPR & implications post-Brexit• Increasing cooperation across groups & countries• The role of insurance in covering cyber attacks

NATURE OF THE THREAT

• Examining the cyber security landscape in these sectors• Current challenges facing each system

- Healthcare – interoperability; securing medical records; rising IT costs- Medical devices – system design; securing post-market devices; standards for manufacturers- Pharma – clinical trial data; intellectual property; insider threats

STRATEGIES & TECHNOLOGIES FOR PROTECTION

• Vulnerability management / breach monitoring & detection• Best practices – the role of end users; critical infrastructure;

improving IAM programmes• The potential for blockchain, biometrics, tokenization• Incident response – business continuity & resilience• Lessons learned from the financial industry• Case studies

DIMITRA LIVERINetwork and Information

Security Expert, ENISA - The EU Cybersecurity Agency, EU

JIM JACOBSONChief Product and Solution Security Officer, Siemens Healthineers, USA

ROBERT JAMIESONChief Information Security Officer,

Mallinckrodt Pharmaceuticals, USA

CAROLINE RIVETTCyber & Privacy Director, Life Sciences, KPMG, UK

EXPERT SPEAKERS INCLUDE:

See the full list of speakers on pages 5 & 6


Roundtable 1: Business continuity and resilience Roundtable 2: Segmentation

ROUNDTABLES SESSION 2

Roundtable 1: Data security measures to take in a digital world

Roundtable 3: Security and privacy implications of blockchain in life sciences and healthcare

ROUNDTABLES SESSION 1

Roundtables are informal, small-group interactive discussions on key topics in

the field. Discussion leaders will introduce sub-topics/questions for discussion and roundtable attendees are encouraged to

participate actively in the session.

BLOCKCHAIN TECHNOLOGY, OPPORTUNITY AND CHALLENGES

• Understanding how blockchain will affect healthcare• What are the most promising application areas for blockchain

within healthcare?• Market overview and trends• Opportunities and challenges• Overcoming the hype• New business models for democratising health• Blockchain technology and start-ups – where do you get started?

DRUG SUPPLY CHAIN & TRACEABILITY

• Tackling counterfeit drugs through blockchain transparency• Blockchain in drug discovery and development• Blockchain for precision medicine and individualised care

RETHINKING CLINICAL TRIAL MANAGEMENT

• Utilising patient-generated data through “wearables” and IoT devices

• Distributing patient consent and trial results• Trial auditing and clinical safety analyses• Accelerating research/Clinical data sharing

SECURITY & ACCESS

• Cybersecurity via Data Access Management• Security doors and accessibility• Patient and provider identity• Regulation and intellectual property• Ownership and storage of data

APPLYING BLOCKCHAIN TO HEALTH SYSTEMS

• Case studies from existing blockchain systems and trials• Examining infrastructure, costs and scalability• Nationwide interoperability• Designing and executing smart contracts• Incorporating commercial blockchain solutions• Blockchain for healthcare records (EHR/EMR)• Medication prescription blockchain• Public engagement

KATHERINE MERTONHead of Johnson & Johnson

Innovation, JLABS @ NYC, USA

MELEK SOMAIFellow in eHealth & Research at

the Centre for Cryptocurrency Research & Engineering, Imperial

College London

EXPERT SPEAKERS INCLUDE:

JOHN BASS Founder & CEO, Hashed Health

DISA LEE CHOUNDirector, Head Data

Acquisition, UCB

See the full list of speakers on pages 5 & 6


BLOCKCHAIN IN HEALTHCARE SYNOPSIS

EVENT SPONSORS

Platinum Sponsors

Gold Sponsors

Other Exhibitors & Sponsors

CONFIRMED SPEAKERS

MADIS TIIKSenior Lecturer, Tallinn University of Technology, Estonia

DIMITRA LIVERINetwork and Information Security Expert, ENISA - The EU Cybersecurity Agency, EU

JANET SCOTTExecutive Director, Cybersecurity Engineering, Merck Sharp & Dohme, Czech Republic

ALAN CALDERFounder and Executive Chairman at IT Governance

MARTINE KERSAINT(Track Chair)Clinical Engineering Manager, Biomedical Clinical Engineering - I.S, The Hospital of Pennsylvania, USA

FRANCK CALCAVECCHIAInformation Security Officer, University Hospitals of Geneva, Switzerland

NEIL QUIOGUEDirector of Information Security, McKesson, Ireland

KATRE KUKLASEChief Information Security Officer, Estonian Health Insurance Fund, Estonia

ROBERT JAMIESONChief Information Security Officer, Mallinckrodt Pharmaceuticals, USA

RAM RAMADOSSVice President – Privacy, Information Security, EHR Compliance Oversight, Catholic Health Initiatives, USA

RAMÓN SERRESHead of Information Security, Quality and Risk, Almirall, Spain

STEVE WILLIAMSONDirector, IT Governance, Risk & Compliance, GlaxoSmithKline, UK

SHUJUN LIProfessor of Cyber Security, School of Computing Director, Kent Interdisciplinary Research Centre in Cyber Security (KirCCS), University of Kent, UK

CAROLINE RIVETTCyber & Privacy Director, Life Sciences, KPMG, UK

JASON MEDEIROSSenior Vice President, Hosting, American Well, USA

JIM JACOBSONChief Product and Solution Security Officer, Siemens Healthineers, USA

MICHAEL MCNEILHead of Product Security & Services Office, Royal Philips, USA

WILLIAM HAGESTADSenior Principal Cyber Security Engineer, R&D, Smiths Medical, USA

DENISE ANDERSONPresident, National Health Information Sharing and Analysis Center (NH-ISAC), USA

GARVAN LYNCHSuperintendent Pharmacist, Lynch’s Pharmacy, Ireland

JIM NASRVP of Technology & Innovation, Synchrogenix, a Certara company

KATRINE VEDELSpecial Advisor, Health Innovation Centre of Southern Denmark and Manager of Colab Plug&Play, Denmark

DAVID DOWEManager, Information Security and Privacy, Trillium Health Partners, Canada

TONY CLARKEHead of Information Security, ICON Clinical Research, Ireland

STEVE ABRAHAMSONSenior Director, Product Cyber Security, GE Healthcare, USA

LUKE AVSEJSTest Team Leader, IDBS

SIMON WILSONSenior Cyber Security Manager, Darktrace Limited

STEVE JOHNSONEMEA Information Security Manager, Orion Health

HENRY HARRISONChief Technology Officer, Garrison Technology Limited

JUSTIN HEYLCybersecurity Director, Business Development, Innovations & Strategic Partnerships, UL LLC


CYBER SECURITY SPEAKERS

CONFIRMED SPEAKERS

RAY-JADE CHENSuperintendent, Taipei Medical University Hospital, Taiwan

SEAN MOSS-PULTZCEO, Bitmark Inc.

NAVIN RAMACHANDRANSenior Lecturer, Centre for Blockchain Technologies, University College London, UK

DIMITRA PAPADOPOULOUFounder, German Blockchain for Healthcare and Research Association

ADA JONUSECo-Founder and CEO, Lympo

DISA LEE CHOUNDirector, Head Data Acquisition, UCB

AURÉLIE BAYLELegal Consultant, be-studys/University of Montpellier

KATHERINE MERTONHead of Johnson & Johnson Innovation, JLABS @ NYC, USA

SALLY EAVESCo-Founder & CMO, Project Shivom

NICLAS NILSSONHead of R&D Open Innovation, LEO Pharma A/S

STEFAN WEBERChief Operating Officer, modium.io

MELEK SOMAIFellow in eHealth & Research at the Centre for Cryptocurrency Research & Engineering, Imperial College London

JOHN BASSFounder & CEO, Hashed Health

SIDDHI TRIVEDIFounder, Beowulf Proof Work

AJI BAROTBusiness Development Director, HealthUnlocked

DAVE EBBITTHealth Informatics Manager, MedicalChain

MANREET NIJJARCo-founder & ID physician - Identity and Infectious Diseases, Oxford University NHS foundation Trust/NHS England Clinical Entrepreneur Fellow

MARCO CUOMOGlobal Head EWS Service Operations & Engineering, Novartis

PASCAL BOUQUETGlobal Head Technology and Architecture for Global Drug Development, Novartis

STUART LACKEYCEO, Solaster

JOHN COLLOMOSSEReader in Computer Vision, University of Surrey


BLOCKCHAIN SPEAKERS

CONGRESS SCHEDULE DAY 1 THURSDAY 3RD MAY 2018

09:00-09:35

08:00-08:50

Global Engage Welcome Address and Morning Chair’s Opening Remarks: Dimitra Liveri, Network and Information Security Expert, ENISA - The EU Cybersecurity Agency, EU


Registration & Refreshments

08:50-09:00

10:00-10:3009:35-10:00

Morning Refreshments10:30-11:30

GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT BLOCKCHAIN IN HEALTHCARE CONGRESS

09:35-10:00

JIM NASRVP of Technology & Innovation, Synchrogenix, a Certara companyBlockchain for Healthcare and Pharma…one block at a time!Blockchain is relevant for healthcare and pharma. However, it’s not magic you need to know where and how to use it, and what else to do to get material business results. Blockchain is more than just technology. It is a movement with economic, business, cultural and technology implications. Healthcare can benefit from blockchain, but we need to separate noise from the signal that is the aim of this talk. To show you a path through the maze of relevance and practicality. This talk will help to demystify some things and shed light on some other things possibly lost in the hype. The content is based on lessons learned conceiving and implementing blockchain at large scale for public health and later expanded for pharma use cases. What actually works, what doesn’t and where do you start for a given use case

10:00-10:30

ROBERT JAMIESONChief Information Security Officer, Mallinckrodt Pharmaceuticals, USADigital barbarians at the gate: Winning in the age of cyberWhat we are doing in cybersecurity today is not working. We are continually being exploited by criminal elements, state sponsored actors, and insiders and are unable to stop them using our current cybersecurity practice/technologies. It is time that

we rethink our current practice and shift our paradigm to win at cybersecurity. The concepts of “active defense” and “offensive countermeasures” include how we rethink everything in our digital systems. This thinking is not about technology; rather it is focused on a complete strategic paradigm shift. This presentation will cover the practical aspects of introducing active defense and offensive cyber-countermeasures into your organization with examples and key takeaways.

NAVIN RAMACHANDRANSenior Lecturer, Centre for Blockchain Technologies, University College London, UKBlockchain in Healthcare – Scalability and OwnershipDistributed Ledger Technologies (DLTs, commonly known as blockchains) have been touted as the answer to many of Healthcare’s current problems. In this talk we explore the underlying thinking behind the use of distributed ledgers, and the problems inherent to current blockchains. We then look forward to the future of next generation DLTs and possible use cases.

SOLUTION PROVIDER PRESENTATION:SIMON WILSONSenior Cyber Security Manager, Darktrace LimitedThe shift to self-learning, self-defending networks• Leveraging machine learning and AI algorithms to defend against advanced, never-seen-before, cyber-threats

• How new immune system technologies enable you to pre-empt emerging threats and reduce incident response time

• How to achieve 100% visibility of your entire business including cloud, network and IoT environments

• Why automation and autonomous response is enabling security teams to neutralize in-progress attacks, prioritise resources, and tangibly lower risk

• Real-world examples of subtle, unknown threats that routinely bypass traditional controls

JOHN COLLOMOSSEReader in Computer Vision, University of SurreyCoMEHeRe: Co-operative Models for Evidence-based Healthcare RedistributionCoMEHeRe is a two year UKRI/EPSRC funded project that aims to transform personal healthcare through the design and evaluation of new technologies and

business models for commodifying and brokering casually captured personal healthcare data (e.g. from wearable biosensors and the IoT) to state and private healthcare providers. CoMEHeRe is developing a Blockchain based platform to incentivise collection and enable secure brokering of large volumes of longitudinal biometric healthcare data, optimising preventative healthcare, helping to achieve a more efficient healthcare system, and contributing to a healthier nation. This talk will provide a broad picture of the CoMEHeRe project, and describe a prototype of the platform and campus-based user trial delivered across the project’s initial six months.

CONGRESS SCHEDULE


DAY 1 THURSDAY 3RD MAY 2018

11:55-12:20

DIMITRA LIVERINetwork and Information Security Expert, ENISA - The EU Cybersecurity Agency, EUSecurity and resilience for eHealth infrastructures and services • The NIS Directive and what it means for healthcare organisations in terms of security measures and incident notification obligations• ENISA's work in supporting the implementation of the NIS Directive; NIS posture in

the healthcare sector and good practices• Securing Smart Hospitals: What IoT in tomorrow's hospital mean in terms of security implications,

vulnerabilities and threats and good practices to address them

11:55-12:20

DAVID DOWEManager, Information Security and Privacy, Trillium Health Partners, CanadaCombine and conquer: the benefits of a joint cyber security and privacy office in healthcare• This session highlights the benefits organizations can experience by combining cyber security and privacy teams in a single organizational unit. Drawing on three

years of combined privacy and security experience at Trillium Health Partners, a large multi-site hospital, this session demonstrates how one security office's expertise has broadened from technical expertise to a more nuanced understanding of the impact of regulations on technical requirements associated with systems sharing personal information.

• In addition, organizations benefit from the enhanced visibility into projects and initiatives which find their way to either to the privacy or security offices, and as a result, can better respond to and manage the risks these projects present.

11:30-11:55

11:30-11:55

DISA LEE CHOUNDirector, Head Data Acquisition, UCBAJI BAROTBusiness Development Director, HealthUnlocked Curlew ResearchCross-Industry collaboration evaluating how Blockchain can Transform the Pharmaceutical and Healthcare Industry, part of Emerging Trends & Technology PhUSE Workgroup• Collaborating with 17 companies across the industry • Understanding the landscape in the pharma and healthcare settings• Exploring the areas where Blockchain could be used• Presenting two detailed use cases (a. Smart Contract: Vendor and Site Oversight; b. Distributed Asset Ledger: Patient Data Access/Transparency) to support future development and implementation for proof of concept.

RAY-JADE CHENSuperintendent, Taipei Medical University Hospital, TaiwanBlockchain-based personal healthcare record operating system – challenges and opportunities in TaiwanTaipei Medical University Hospital (TMUH) and Digital Treasury Corporation (DTCO) have been jointly developing a blockchain-based personal healthcare

record operating system (phrOS) since winter 2017. With phrOS, we endeavor to empower our patients by increasing data audit transparency as well as creating a seamless cross-hospital and hassle-free insurance claims experience. In a recent field test, we successfully applied blockchain technology to TMUH’s personal health management system, genomic profiles database, smart insurance claims, and patient clinical trials recruitment process. We plan to scale our platform to the entire Taipei Medical Healthcare System in the near future. In order to popularize blockchain application in Taiwan, we created the Healthcare Blockchain Alliance. Our alliance aims to not only promote blockchain, but also to follow Taiwan’s governmental policies regarding the promotion, formulation and standardization of medical data transfer protocols, data-driven medical application development, and public health campaigns.

12:20-12:50

SOLUTION PROVIDER PRESENTATION:ALAN CALDERFounder and Executive Chairman at IT Governance Implementing a cyber resilient strategy and sustaining compliance with the GDPR and NIS Directive• An overview of the current cyber security landscape; threats, compliance standards and legislation.

• The role of senior management in ensuring compliance and cyber resilience is a strategic focus.• Implementing accountability frameworks in line with the GDPR and NIS Directive requirements.• The role of a robust staff awareness programme in supporting a culture of cyber resilience

and compliance.• Embedding data protection by design and by default and a holistic approach to achieving a

cyber resilient posture.

12:20-12:50

STUART LACKEYCEO, Solaster HealthMinimally Viable Centralization in HealthcareOver the last several decades, while health innovation has continued to produce breakthrough advancements world-wide, healthcare’s mounting financial impact on the global health economy have become unsustainable. There are many

reasons for this. Blockchain technologies has the potential to remove many of the inefficiencies, mis-aligned incentives and problems that exist in the global health economy today. However, are the legacy players in the space ready for this less centralized reality? And perhaps even more sobering, what if many of these same entities that have created and proliferated the current system, are not a part of this new economy?

Lunch12:50-13:50

CONGRESS SCHEDULE



13:50-14:20

13:50-14:20

SOLUTION PROVIDER PRESENTATION:LUKE AVSEJSTest Team Leader, IDBSJourney To The Cloud: Jumping The Invisible Hurdles

SEAN MOSS-PULTZCEO, Bitmark Inc.Protecting your personal health data by turning it into digital property• Simple tools for individuals and businesses to generate value from their data.

• Create, transfer, and authenticate digital property.• Trace ownership and attribution without requiring central

authorities or intermediaries.• Case study with UC Berkeley around personal health data.

DATA PROTECTION, EHEALTH AND INTEROPERABILITY IN HEALTHCARE & MEDICAL DEVICES BLOCKCHAIN IN HEALTHCARE CONGRESSBALANCING SECURITY & BUSINESS

Track Chair: Martine Kersaint, Clinical Engineering Manager, Biomedical Clinical Engineering - I.S, The Hospital of Pennsylvania, USA

Track Chair: Shujun Li, Professor of Cyber Security, School of Computing Director, Kent Interdisciplinary Research Centre in Cyber Security (KirCCS), University of Kent, UK

Track Chair: Alex White, Senior Conference Producer, Global Engage

MADIS TIIKSenior Lecturer, Tallinn University of Technology, EstoniaeHealth in Estonia - Secure data exchange since 2009 • Estonian eHealth System is utilizing the

benefits of national ICT architecture: PKI infrastructure, secure data exchange environment x-road and clear ownership of the data. Full transparency, opt-out approach and citizens’ rights to see all logging information are some of the key-words of Estonian eHealth System.

• Benefits of the national data exchange can come only after integration of all users and acceptance by all stakeholders. This allows to build smart services for citizens and for healthcare providers.

• These developments are very good ground for more personalized medicine. Estonia has all preconditions for successful implementation of personalized medicine – Estonian Genome Bank started giving feedback to donors, we have permissive legislation and trust in society and growing interest among citizens to take more responsibilities.

14:20-14:45

DENISE ANDERSONPresident, National Health Information Sharing and Analysis Center (NH-ISAC), USACollaborative securityThis session will:• Cover the threat landscape for healthcare

• Show the importance of information sharing and the need for a focus on enterprise risk management

• Illustrate with a case study how organizations through collaboration can quickly stay on top of and mitigate threats.

14:20-14:45

14:20-14:45

MANREET NIJJARCo-founder & ID physician - Identity and Infectious Diseases, Oxford University NHS foundation Trust/NHS England Clinical Entrepreneur FellowIdentity & Infectious Diseases: Creating

an epidemic of trust in digital healthcare using Distributed Ledger Technology A story of a personal tale and a problem to solve - highlighting the current issues in identity management in healthcare workers, interwoven with Infectious Diseases treasures and ending with DLT identity solution.

CONGRESS SCHEDULE



Afternoon Refreshments15:10-16:00

14:45-15:10

KATRE KUKLASEChief Information Security Officer, Estonian Health Insurance Fund, EstoniaHow to secure data in a connected world• Data ownership and accountability - Examples from the Health Insurance fund: how

to secure data on a national level with different stakeholders- Law supporting cyber security- Justified access to data- Patient empowerment and personal ownership of data- Public awareness

• Preventing fraud (healthcare services, prescription drugs, medical devices) - Security by design on secure platforms- Strong digital identity- Online validation, automatic controls, on time access and verification- Transparency of data usage

• Securing healthcare in collaboration with stakeholders - Collaboration with health care providers and national agencies- Distribution of power – not all in one place- Example: pacemaker hack 29.08.2017

14:45-15:10

14:45-15:10

RAM RAMADOSSVice President – Privacy, Information Security, EHR Compliance Oversight, Catholic Health Initiatives, USAChallenges and opportunities in managing cyber risks

• Outline the resource, technology, awareness and financial challenges among small and medium providers to handle emerging security risks and ransomware attacks

• Explore potential opportunities to help small, medium and even large healthcare providers especially from efficient management of cyber risk program

• Call for an active participation by the board members and audit compliance committees in raising the support and investment required for cybersecurity programs

• Highlight key recommendations from the National Cybersecurity Taskforce formed by the Department of Health and Human Services

ADA JONUSECo-Founder and CEO, LympoFrom token sales to health change: Lympo’s mission to motivate healthy lifestyles with a blockchain based ecosystemA new start-up Lympo uses blockchain as

a tool to grant the data ownership to the fitness/wellness app users, to ensure a free data flow between the stakeholders in the industry and to create a reward system to motivate healthy lifestyles. An entrepreneur’s journey into the stormy crypto business waters pioneering fitness data monetisation.

16:00-16:25

FRANCK CALCAVECCHIAInformation Security Officer, University Hospitals of Geneva, SwitzerlandMedical devices: safety or security?Incidents like WannaCry or NotPetya impacting hospitals’ operation shouldn’t be a surprise. The root causes have been well known for years. However a large majority of medical equipments suppliers are still behind. This talk will focus on the challenges that hospitals have to manage that risk with regards to patient life.

DIMITRA PAPADOPOULOUFounder, German Blockchain for Healthcare and Research AssociationBlockchain for eHealth and innovative collaboration models

• The need of Real World Evidence and the role of blockchain• Social vs Patient centric approach where is the difference? What

is needed to design and develop effective ehealth solutions?• What’s now and what's next on the way of digitizing healthcare

16:00-16:25

TONY CLARKEHead of Information Security, ICON Clinical Research, IrelandProactive security - Cyber simulations & playbooksMany in the security industry feel that security

breaches are not a matter of 'if ' but 'when'. Cyber simulations and Cybersecurity playbooks can be effective tools to prepare for cybersecurity incidents. This session will outline how to develop a cybersecurity playbook and how to utilise simulations to test incident response processes.

16:25-16:50

16:25-16:50

RAMÓN SERRESHead of Information Security, Quality and Risk, Almirall, SpainLessons learnt from an information security strategy execution• Background: our company, where we come

from in terms of information security• Security strategy versus security program• Lessons learnt when tackling the regulatory framework,

funding for security, c-level involvement, program execution.

BLOCKCHAIN ROUNDTABLE DISCUSSIONS SESSION 1:

Table 1: How to conciliate Blockchain & the right to be forgotten?AURÉLIE BAYLELegal Consultant, be-studys/University of Montpellier

• Blockchain & GDPR• Can a blockchain contain personal data? (Is the public key a

personal data?) • Who’s data controller in the blockchain?

16:25-17:10

CONGRESS SCHEDULE DAY 1 THURSDAY 3RD MAY 2018


16:50-17:50

SECURITY ROUNDTABLE DISCUSSIONS SESSION 1:

Table 1: Data security measures to take in a digital worldKATRE KUKLASEChief Information Security Officer, Estonian Health Insurance Fund, Estonia

Where are we moving to with the 4 P-s? • Participatory – data given by patients over several different

devices (pacemakers, smartphones, apps, etc)• Personalized – specific and varied healthcare options due to

data provided by patient• Preventive – patients aware of their own health, making

good decisions• Predictive – technological progress that enables predictions

based on past medical history

Table 2: Security and privacy implications of blockchain in life sciences and healthcareCAROLINE RIVETTCyber Security & Privacy Director, Life Sciences, KPMG London, UK

Blockchain is often considered to be secure. But is it? Caroline will lead a round table discussion into some of the security and privacy implications of blockchain and other distributed ledger technologies.

16:50-17:20

SHUJUN LIProfessor of Cyber Security, School of Computing Director, Kent Interdisciplinary Research Centre in Cyber Security (KirCCS), University of Kent, UKAddressing Cybersecurity and Cybercrime via a co-Evolutionary aPproach to reducing

human-relaTed risks: Healthcare as a use caseIn this talk, the speaker will introduce an ongoing research project funded by EPSRC (Engineering and Physical Science Research Council), which will develop a new socio-technical framework and corresponding software tools for reducing human-related risks. The framework follows a human-in-the-loop and co-evolutionary approach. He will discuss how such a framework can be applied to a healthcare use case, and how people from the health sector may collaborate with the project team.

Table 2: How do we accelerate Blockchain adoption in Healthcare?PASCAL BOUQUETGlobal Head Technology and Architecture for Global Drug Development, Novartis

• Blockchain healthcare promises to improve the way medicines are developed, manufactured and delivered to patients - all while increasing the trust between all involved parties.

• If there is an increased interest across the industry to adopt blockchain and create value, initiatives continue to be driven by a limited number of industry members and consultancies.

• An uncoordinated approach runs the risk that benefits to patients and the industry may take many years to mature and materialize, especially considering the environment’s complexity and amount of coordination required to achieve tangible outcomes.

• How do we band all together to accelerate Blockchain adoption?

16:25-17:10

17:20-17:50

STEVE WILLIAMSONDirector, IT Governance, Risk & Compliance, GlaxoSmithKline, UKGo Agile and stay secure • Software development methodologies based on Agile are characterised by evolving

requirements and adaptive planning, which helps ensure a continuous delivery of business value through application software

• A common cause of security breaches is vulnerabilities in the application layer. Many of these are easily prevented through the use of secure software development practices and penetration testing. However, these practices were not designed with Agile development in mind

• This presentation will discuss how to embed secure development practices throughout the Agile software development lifecycle, with the aim of delivering secure software on the first and each subsequent release


Table 1: Tokenizing HealthcareSTUART LACKEYCEO, Solaster Health• What are the pain points in healthcare where blockchain and tokeninzation might address?

• What are some models of tokenization to consider?• How might tokenizing healthcare allow for a better

alignment of incentives?• What are the possibilities and limitations of blockchain

technology?

Table 2: Blockchain for Pharma/Medtech LogisticsSTEFAN WEBERChief Operating Officer, modium.io• Transport in highly regulated environments

• Prescribed and monitored environmental conditions• Falsified medicines• Trust and data portability between a multitude of

worldwide actors • Common practical issues and sources of (compliance)

excursions and irregularities

17:10-17:50

Chair's Closing Remarks / End of Day 117:50

Networking Drinks Reception17:50-18:50

CONGRESS SCHEDULE DAY 2 FRIDAY 4TH MAY 2018

09:00-09:35

KEYNOTE ADDRESS:CAROLINE RIVETTGlobal Cyber Security Lead for Life Sciences, KPMG, UKMalware, resilience, blockchain and the GDPR: Can security enable better healthcare?Digital health technology of sensors, apps, blockchain and AI offer the promise of better health and care for chronically sick people. With our ever increasing reliance on systems, data and technologies in health and life sciences, we become more exposed to the impact of poor security, a previous lack of investment in systems and the requirements of the GDPR

legislation. Drawing on her recent experiences as a CISO and security consultant to some of the world's largest pharmaceutical companies, Caroline will explore the security risks to healthcare and life sciences companies and the potential solutions available.

08:20-09:00

Track Chair: Ram Ramadoss, Vice President – Privacy, Information Security, EHR Compliance Oversight, Catholic Health Initiatives, USA

Refreshments

09:00

GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT

10:05-10:55

10:05-10:30

CYBER SECURITY STRATEGY BLOCKCHAIN IN PHARMA & PRECISION MEDICINE

JANET SCOTTExecutive Director, Cybersecurity Engineering, Merck Sharp & Dohme, Czech RepublicMSD Cyber Incident and Lessons Learned • NotPetya – June 2017: How it got into our network and how it spread• How we recovered• Lessons learned

KATHERINE MERTONHead of Johnson & Johnson Innovation, JLABS @ NYC, USABlockchain start-ups and their integration into the healthcare landscape This talk will be a review of blockchain start-ups in the previous three years, examining what they need to succeed and what large corporations (such as J&J) can do to support their growth.

10:30-10:55

DAVE EBBITTHealth Informatics Manager, MedicalChainWhere are we going now?Medicalchain will discuss the importance of patient-centric healthcare, facilitated by blockchain technology. Gain an understanding of how to improve service efficiency, interprofessional communication and clinical outcomes by building borderless healthcare around personal health data.

Morning Refreshments10:55-11:45

09:35-10:05

SOLUTION PROVIDER PRESENTATION:HENRY HARRISONChief Technology Officer, Garrison Technology LimitedProtecting the endpoint with web isolationEmployee access to the web remains one of the largest cyber risk areas for most enterprises. This is due to the risk to the endpoint of spear-phishing and web-based malware combined with the risk from the endpoint of large scale data loss and exfiltration. As traditional web security techniques struggle, buyers are turning to isolation technologies that

hold out the promise of truly risk-free browsing. Henry will compare the different technical approaches available in the market, uncover the varying benefits and trade-offs and show how, done right, isolation really can transform an organisation’s cyber risk profile.




SALLY EAVESCo-Founder & CMO, Project ShivomThe Role of Blockchain in Personalised Healthcare and Precision MedicineThis session will explore core opportunities, prevailing challenges and potential solutions

with a focus on application to help differentiate the hype from the reality. The importance of emergent technology convergence beyond but including blockchain will also be emphasised, alongside the rich capacity to contribute towards social global impact aims, a key interest of the speaker.

12:15-12:50

KEYNOTE ADDRESS:JIM JACOBSONChief Product and Solution Security Officer, Siemens Healthineers, USAPractical solutions for mitigating cybersecurity challenges in connected medical devices

With the rise of sophisticated technologies and software used in connected medical devices, manufacturers are now working vigorously to implement additional safeguards to minimize cybersecurity risks. Until recently, medical device companies haven’t planned a comprehensive security program that takes into account the security of the software for the duration of the lifecycle; however, the FDA has recently encouraged medical device manufacturers to collaborate with ethical hackers, those who uncover and rectify vulnerabilities and flaws, to assist in the development and ongoing management of devices which minimize security flaws. While there is no “one size fits all” solution to device cybersecurity, industry professionals will benefit from a greater understanding of common challenges associated with connected medical devices and solutions for fixing them. This presentation will focus on the following cybersecurity related areas:• The elements of a comprehensive security program• Overcoming the hidden costs of insecure legacy devices• Implementing effective vulnerability management• Information sharing beyond regulatory expectations

12:15-13:15

SECURITY ROUNDTABLE DISCUSSIONS SESSION 2 :

Table 1: Business Continuity & ResilienceNEIL QUIOGUEDirector of Information Security, McKesson, IrelandIn 2017, a number of global ransomware events

impacted a number of organisations resulting in hundreds of millions of dollars in costs from loss of sales to cost of remediation. With this, resiliency has become a focus area for a number of organisations. Has resilience been discussed within your organisation? What does being resilient mean to you and your organisation? Have you identified all components of your business processes including reliance on third parties? How long will your organisation be able to ship products if your manufacturing is impacted? Join us in this round table to discuss and share your experience in improving resiliency in organisations. We won't solve it in one sitting but this will hopefully spark future discussions and collaboration among our organisations.

Table 2: SegmentationJANET SCOTTExecutive Director, Cybersecurity Engineering, Merck Sharp & Dohme, Czech Republic

• What should be considered for segmentation? (network traffic, privileged accounts, data centers, etc.)

• How should they be segregated? (by region of the world, by business units, etc.)

• How much granularity makes sense?• How does your company get the greatest impact with the

least effort?

12:15-12:50

JOHN BASSFounder & CEO, Hashed HealthBlockchain's Promise for Speeding Drugs to Market2018 is proving to be a breakout year for blockchain-based solutions for the Life Sciences industry. This presentation will provide a forum to discuss pharma-related use cases that are active within the Hashed Health ecosystem including:

• track & trace• outcomes data collection• clinical trials• reducing the distance between pharma and the consumer• PBMs• registries• value-based / indication-based payments

11:45-12:15

11:45-12:15

SOLUTION PROVIDER PRESENTATION:JUSTIN HEYLCybersecurity Director, Business Development, Innovations & Strategic Partnerships, UL LLCLeveraging standards and best practices to meet FDA and Hospital requirements

The challenges that manufacturers have meeting regulatory and hospital requirements is increasingly complex with all the questionnaires. How can a manufacturer apply the various standards to meet these requirements and come to an understanding with the hospital organization.

CYBER SECURITY STRATEGY BLOCKCHAIN IN PHARMA & PRECISION MEDICINESECURING MEDICAL DEVICES



14:15-15:05

MARCO CUOMOGlobal Head EWS Service Operations & Engineering, NovartisTitle TBC• Blockchain Use cases in Pharma• Blockchain and counterfeiting

• Healthcare Blockchain Ecosystem• Why Healthcare needs a Blockchain consortium

14:15-14:40

JASON MEDEIROSCIO, American Well, USABuilding an efficient cyber security program in healthcareBuilding a cybersecurity program can be complex and costly for any organization,

especially companies working with sensitive healthcare information. As healthcare technology systems come under increasing threats, it is more important than ever to weave cybersecurity into your organization’s DNA - from the entry level employee to the C-Suite. This presentation will discuss how to gain insight into what threatens your organization, and how you can enlist your entire workforce to practice continuous cyber self-defense.

14:15-14:40

GARVAN LYNCHSuperintendent Pharmacist, Lynch’s Pharmacy, IrelandIntegrated security plan for medical device software: scalability and the lifecycle• Integrated security plan: key activities to

ensure scaling up operations, lifecycle coverage, successful interaction with regulators.

• Six foundations addressing design, risk management, operations, users, incident response, service enhancements, based on a detailed, ongoing regulatory review.

• Security experience from designing the system and interaction with regulators and sponsors on a novel pharmacy patient and medication monitoring service.

PROGRAM STRATEGY, IMPLEMENTATION & EXECUTION BLOCKCHAIN IN HEALTHCARESECURING MEDICAL DEVICES

12:50-13:15

12:50-13:15

WILLIAM HAGESTADSenior Principal Cyber Security Engineer, R&D, Smiths Medical, USAThe future of cyber warfare in healthcareIs your company or health service protected against cyber warfare? In an increasingly digital

environment, strong cyber defences are essential to survival. Lieutenant Colonel, USMC (Retired) Bill Hagestad will elaborate on the future of cyber warfare in healthcare and the implications for the medtech industry from a corporate and product point of view. Mr. Hagestad is an internationally recognized and respected authority on cyber warfare having published three books on the topic and currently leads the cyber & information security engineering development for Smiths-Medical. Objectives:• To elaborate on the current and future state of play of cyber

warfare in healthcare with a focus on the MedTech industry.• To give a frank assessment of the current preparedness of the

MedTech industry and how to cope with future trends.

12:15-13:15


Table 1: Expectations and pain points – what problems can blockchain realistically solve for healthcare and how do we go about doing itNICLAS NILSSON

Head of R&D Open Innovation, LEO Pharma A/SAs with many new technologies expectations are high as blockchain promises are made broadly and generously. But how can we move from thinking what great potential blockchain holds for healthcare and pharma to actual implementation and overcoming hurdles and gaps? Looking at Healthcare from the Pharma R&D angle, we will discuss topics that will help identifying realistic pain points, hurdles to achieve solutions and real world use cases – but from both the technical blockchain as well as the healthcare use perspective.Discussion topics include:• Language barrier• Thinking big or small• The true benefits of using distributed ledgers in healthcare

and pharma• Culture of working• Applying open innovation in pharma powered by blockchain

14:40-15:05

STEVE JOHNSONEMEA Information Security Manager, Orion HealthTake the red pill: managing the rabbit hole of healthcare threatsMedia headlines and political soundbites

regularly criticise the activities and efforts of the health and social care sector. In addition, 2017 saw the unprecedented impact of Wannacry malware and the difficulties to recover from that incident. It clearly demonstrated that security risks are realised as clinical risks to individuals in care. Against this backdrop, the health and social care sector is being disrupted to enable improvement.

14:40-15:05

Lunch13:15-14:15

STEVE ABRAHAMSONSenior Director, Product Cyber Security, GE Healthcare, USAThe Greatest Challenge: Post-Market Cyber Risk Management for Medical Devices Managing post-market risk in medical

devices is perhaps the most challenging aspect of medical device cyber security. Different stakeholder groups and interests intersect including patient data protection, patient safety, and device availability. Additionally, cyber security risk must be viewed within the complete context of Healthcare delivery, not as a stand-alone risk category.

Continued



KATRINE VEDELSpecial Advisor, Health Innovation Centre of Southern Denmark and Manager of Colab Plug&Play, DenmarkInteroperability and infrastructure for point-of-care and mobile devices in the patients’ own home

• Learn how Colab Plug&Play – a test and demonstration lab, dedicated to digital healthcare solutions and part of the innovation efforts in the Region of Southern Denmark – engages in public-private collaboration and innovation by utilizing the national infrastructure and standards for interoperability in Denmark.

• Learn how standards and infrastructure components can be used to support both innovation and cyber security at the same time.

• Sounds interesting? - Find out how you can be part of it as well.

Conference Close15:5515:30-15:55

14:15-15:05

Table 2: Blockchain for Clinical Trials and Life SciencesMELEK SOMAIFellow in eHealth & Research at the Centre for Cryptocurrency Research & Engineering, Imperial College London

• What are the opportunities of blockchain/DLTs in Life Sciences and clinical trials?

• What are the bottlenecks (regulation, etc.) that impede blockchain in Life Sciences?

• What are the current use cases in Life Sciences?

15:05-15:30

NEIL QUIOGUEDirector of Information Security, McKesson, IrelandSo you've implemented your security programme, now what?Your organisation undertook a multi-year effort

to implement a security programme. Now that you are nearly done with the 'Build' phase, you need to move to the 'Run' phase. How ready is your organisation to do 'Run' and continuously improve upon what you have implemented in an ever-changing business environment and cybersecurity threat landscape? In this session, we will talk about some of the lessons learned as an organisation transitioning to the 'Run' phase to help ensure that the programme is sustained for years to come.

15:05-15:30

14:40-15:05

There is a clear drive to improve population health and avoid or reduce the need for clinical intervention through proactive health engagement and self-care of chronic conditions at home or with localised care support. Digital health and social care systems from IoT medical devices to in-hospital clinical care systems are rapidly growing in diversity and interconnected complexity to support that initiative. This presents unique challenges to manage risks and emergent threats. In this presentation we'll 'take the red pill and see how deep the rabbit hole goes', looking at the scope and scale of the challenge, some of the less well-known threats and the treatments being applied to keep our health care systems healthy.

14:40-15:05

MICHAEL MCNEILHead of Product Security & Services Office, Royal Philips, USAThis talk will focus on key security challenges facing stakeholders of the medical device continuum, and on developing key security

program strategies to addess these challenges. The nature of these challenges demands an overall product security program strategy with consistent and comprehensive execution. This talk will therefore align to an overall product security program strategy with a focus on the key pillars of execution to address both pre-market and post-market challenges, including the following topics:• A comprehensive product security program strategy to address

challenges within the overall medical device ecosystem.• Implementing the essentials of a secure development lifecycle

strategy for both pre-market and post-market needs.• Implementing software build of materials (SBOM) to integrate

with end-to-end SDLC, monitoring, communications, and vulnerability management capabilities.

This presentation will explore best practices for device manufacturers and how collaboration between device manufacturers and health care providers is the key to managing risk. Areas of discussion will include:• Concepts of assessing risk within products placed on the market• Incorporating post market risk management within a cyber

security program• Regulatory considerations: integrating with the Quality

Management System• Creating a shared view of risk within Healthcare

15:05-15:55

No Track Talk

15:30-15:55

No Track Talk

PRE-CONFERENCE WORKSHOP


WORKSHOPPre-Conference Workshop

Sponsored by:

Join us for a chance to collaborate with other healthcare providers, medical device manufacturers and biotech/pharma stakeholders in a free interactive forum.

Registration is complimentary

Potential Medical Device Agenda topics to include:• Security Testing Before Deploying Critical and High Risk Medical Devices

• IoT Tools Used by Medical Device Manufacturers and Health Systems to Scan Medical Devices• Responsibly Communicating Vulnerabilities to Health Systems

• Life Cycle Management of Connected Medical Devices• More to come….

Potential BioTech/Pharma Agenda topics to include:• Current Pharmaceutical Threat Landscape

• Cloud Security and Compliance• General Data Protection Regulation

• Distributed Trust Models – The Blockchain in Security• More to come….

CPE's may be available to attendees. You must self-certify with an organisation such as ICS2 or ISACA

See NH-ISAC’s presentation at Global Cyber Security in Healthcare and Pharma Summit May 3-4th.Register at www.global-engage.com/event/cyber-security-summit

**NOTE – Attendance Restrictions: NH-ISAC restricts attendance to its respective members, potential members, and related industry interested parties. Companies selling a product of interest are required to provide sponsorship to obtain access to the event, and members

of the media are not allowed. NH-ISAC reserves the right to cancel and/or refund any admission that does not meet our criteria.

Medical Device and Pharmaceutical Security Workshop

Wednesday May 2nd 20188:30am-4:30pm

Radisson Blu Edwardian, Heathrow, London1 Day Prior to Global Cyber Security in Healthcare & Pharma Summit

VENUE INFORMATION

Radisson Blu Edwardian Heathrow,140 Bath Road, HayesMiddlesex, UB3 5AW, England

The award-winning Radisson Blu Edwardian, Heathrow hotel feels anything but an airport hotel. The grand lobby with glass chandelier, ornate marble staircase and striking Eastern artwork all contribute to a luxury stay. Our bedrooms combine modern comfort with attractive furnishings and the latest technology. The hotel offers three fabulous dining options - Steak & Lobster, Bijou Lounge Bar and Indian restaurant, Annayu; and a tranquil spa, Pegasus.

Ideally located 10 minutes from Heathrow Airport by free public transport or the Hotel Hoppa bus, central London can also be reached in 30 minutes. With Crossrail opening in December 2019, it'll soon be even quicker and easier to reach us.


DON’T DELAY, BOOK YOUR PLACE TODAY!Places are limited and are based on a first come, first served basis so to avoid disappointment contact us today to reserve your place at Global Engage’s Global Cyber Security in Healthcare & Pharma Summit and co-located

Blockchain in Healthcare Congress, 3-4 May 2018.

PHONE BOOKING+44 (0) 743 208 6048

Our conference team will make all the necessary arrangements.

ONLINE BOOKINGVisit the website to book your place with credit card payment or an invoice request.

www.global-engage.com/event/cyber-security-summitwww.global-engage.com/event/blockchain-congress

THE CONGRESS PACKAGE INCLUDES:All Conference Sessions

Lunches and RefreshmentsAccess to Exhibition Room

Networking Drinks ReceptionConference Workbook

E-Document Pack

HOTEL ACCOMMODATIONHotel accommodation will be available at a group rate.

FREE NEWSLETTERFor updates on the Global Cyber Security in Healthcare & Pharma Summit and co-located Blockchain in Healthcare

Congress, plus free resources and reports, as and when our speakers authorise their release dates, check for updates at:www.global-engage.com/event/cyber-security-summitwww.global-engage.com/event/blockchain-congress

T: +44 (0) 1865 849841E: [email protected]

Global Engage Ltd., The Kidlington Centre, Kidlington, Oxford, OX5 2DL, United Kingdom

SPONSORSHIP AND EXHIBITION OPPORTUNITIES AVAILABLEFor more details contact Nick Best at

[email protected] or call +44 (0) 743 208 6048

Follow Us

@Lifesciences_GE

global cyber security in healthcare pharma summit · global cyber security in healthcare &...

Documents