global cyber security in healthcare pharma summit · cyber security in healthcare & pharma...
TRANSCRIPT
3-4 MAY 2018LONDON, UK
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT
BLOCKCHAIN IN HEALTHCARE CONGRESS
www.global-engage .com
#CyberSecurityHealthSummit #BlockchainHealthCongress
WARM WELCOME
Global Engage is pleased to announce the Cyber Security in Healthcare & Pharma Summit and co-located Blockchain in Healthcare Congress, which will be taking place at the Radisson Blu Edwardian, Heathrow in London on 3-4 May 2018.
Cyber Security in Healthcare & Pharma SummitThe number of cyber-attacks in healthcare is on the rise, and the industry must do more to prevent and respond to these incidents. The Global Cyber Security in Healthcare & Pharma Summit 2018 will bring together high-level representatives from around the globe to create a cyber security roadmap for the future. Attendees will come from all areas of cyber security for the healthcare, medical devices and pharmaceutical sectors. Experts will examine the cyber security landscape in these three industries, with particular focus on strategies for protection and incident response, as well as on business/regulatory considerations. Central to the aims of this event is facilitating collaboration and cooperation amongst the diverse stakeholders that will be in attendance.
Blockchain in Healthcare CongressBlockchain is the one of the most talked about technologies of 2017. With the potential exceeding any other to revolutionise the healthcare industry, it is crucial to first understand the nature of blockchain technology, to distinguish the hype from the reality and then to see real-world case studies of how blockchain can be, and is being, applied to healthcare systems. Over two days, the congress will address some of the most achievable possibilities of integrating blockchain within healthcare. Through a mixture of practical workshops, lectures and roundtable discussions specifically designed to help you get to grips with the technology, learn from those already benefitting from blockchain systems and overcome obstacles associated with integration, the congress will help you join the future of the healthcare industry. With enhanced networking sessions, an evening social and a buzzing exhibition room the Congress is one not to be missed!
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
+50 Presentationsfrom expert speakers
+7 Hoursof dedicated networking time
+15 Expert-ledroundtable discussions
Free Pre-Conference WorkshopLed by the NH-ISAC
2-4-12 Congresses, 1 Registration
INDUSTRIES
• Hospital & Healthcare Systems• Medical Devices• Pharmaceuticals• Health Insurance
CYBER SECURITY IN HEALTHCARE & PHARMA SYNOPSIS
BUSINESS & REGULATORY CONSIDERATIONS
• Integrating security into corporate strategy• Policy developments• GDPR & implications post-Brexit• Increasing cooperation across groups & countries• The role of insurance in covering cyber attacks
NATURE OF THE THREAT
• Examining the cyber security landscape in these sectors• Current challenges facing each system
- Healthcare – interoperability; securing medical records; rising IT costs- Medical devices – system design; securing post-market devices; standards for manufacturers- Pharma – clinical trial data; intellectual property; insider threats
STRATEGIES & TECHNOLOGIES FOR PROTECTION
• Vulnerability management / breach monitoring & detection• Best practices – the role of end users; critical infrastructure;
improving IAM programmes• The potential for blockchain, biometrics, tokenization• Incident response – business continuity & resilience• Lessons learned from the financial industry• Case studies
DIMITRA LIVERINetworks and Information
Security Expert, ENISA - The EU Cybersecurity Agency, EU
JIM JACOBSONChief Product and Solution Security Officer, Siemens Healthineers, USA
ROBERT JAMIESONChief Information Security Officer,
Mallinckrodt Pharmaceuticals, USA
CAROLINE RIVETTCyber & Privacy Director, Life Sciences, KPMG, UK
EXPERT SPEAKERS INCLUDE:
See the full list of speakers on pages 5 & 6
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
Roundtable 1: Business continuity and resilience Roundtable 2: Segmentation
Roundtable 3: A search for the ultimate digital risk and risk investments dashboarding
ROUNDTABLES SESSION 2
Roundtable 1: Data security measures to take in a digital world
Roundtable 2: Developing a cyber security strategyRoundtable 3: Security and privacy implications of
blockchain in life sciences and healthcare
ROUNDTABLES SESSION 1
Roundtables are informal, small-group interactive discussions on key topics in
the field. Discussion leaders will introduce sub-topics/questions for discussion and roundtable attendees are encouraged to
participate actively in the session.
BLOCKCHAIN TECHNOLOGY, OPPORTUNITY AND CHALLENGES
• Understanding how blockchain will affect healthcare• What are the most promising application areas for blockchain
within healthcare?• Market overview and trends• Opportunities and challenges• Overcoming the hype• New business models for democratising health• Blockchain technology and start-ups – where do you get started?
DRUG SUPPLY CHAIN & TRACEABILITY
• Tackling counterfeit drugs through blockchain transparency• Blockchain in drug discovery and development• Blockchain for precision medicine and individualised care
RETHINKING CLINICAL TRIAL MANAGEMENT
• Utilising patient-generated data through “wearables” and IoT devices
• Distributing patient consent and trial results• Trial auditing and clinical safety analyses• Accelerating research/Clinical data sharing
SECURITY & ACCESS
• Cybersecurity via Data Access Management• Security doors and accessibility• Patient and provider identity• Regulation and intellectual property• Ownership and storage of data
APPLYING BLOCKCHAIN TO HEALTH SYSTEMS
• Case studies from existing blockchain systems and trials• Examining infrastructure, costs and scalability• Nationwide interoperability• Designing and executing smart contracts• Incorporating commercial blockchain solutions• Blockchain for healthcare records (EHR/EMR)• Medication prescription blockchain• Public engagement
KATHERINE MERTONHead of Johnson & Johnson
Innovation, JLABS @ NYC, USA
MELEK SOMAIFellow in eHealth & Research at
the Centre for Cryptocurrency Research & Engineering, Imperial
College London
EXPERT SPEAKERS INCLUDE:
JOHN BASS Founder & CEO, Hashed Health
DISA LEE CHOUNDirector, Head Data
Acquisition, UCB
See the full list of speakers on pages 5 & 6
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
BLOCKCHAIN IN HEALTHCARE SYNOPSIS
CONFIRMED SPEAKERS
RASMUS THEEDEManaging Director, DigitalNations, Denmark
MADIS TIIKSenior Lecturer, Tallinn University of Technology, Estonia
DIMITRA LIVERINetworks and Information Security Expert, ENISA - The EU Cybersecurity Agency, EU
JANET SCOTTExecutive Director, Cybersecurity Engineering, Merck Sharp & Dohme, Czech Republic
ALAN CALDERFounder and Executive Chairman at IT Governance
MARTINE KERSAINT(Track Chair)Clinical Engineering Manager, Biomedical Clinical Engineering - I.S, The Hospital of Pennsylvania, USA
FRANCK CALCAVECCHIAInformation Security Officer, University Hospitals of Geneva, Switzerland
NEIL QUIOGUEDirector of Information Security, McKesson, Ireland
KATRE KUKLASEChief Information Security Officer, Estonian Health Insurance Fund, Estonia
ROBERT JAMIESONChief Information Security Officer, Mallinckrodt Pharmaceuticals, USA
RAM RAMADOSSVice President – Privacy, Information Security, EHR Compliance Oversight, Catholic Health Initiatives, USA
RAMÓN SERRESHead of Information Security, Quality and Risk, Almirall, Spain
IVAN SANCHEZChief Information Security Officer, Sanitas, Spain
STEVE WILLIAMSONDirector, IT Governance, Risk & Compliance, GlaxoSmithKline, UK
SHUJUN LIProfessor of Cyber Security, School of Computing Director, Interdisciplinary Research Centre in Cyber Security, University of Kent, UK
CAROLINE RIVETTCyber & Privacy Director, Life Sciences, KPMG, UK
JASON MEDEIROSSenior Vice President, Hosting, American Well, USA
JIM JACOBSONChief Product and Solution Security Officer, Siemens Healthineers, USA
STEFAN VAN GANSBEKECISO - Director Risk Security & Legal, CM-MC - Mutual health insurance, Belgium
MICHAEL MCNEILGlobal Product Security & Services Officer, Philips Healthcare, USA
WILLIAM HAGESTADSenior Principal Cyber Security Engineer, R&D, Smiths Medical, USA
DENISE ANDERSONPresident, National Health Information Sharing and Analysis Center (NH-ISAC), USA
GARVAN LYNCHSuperintendent Pharmacist, Lynch’s Pharmacy, Ireland
KATRINE VEDELSpecial Advisor, Health Innovation Centre of Southern Denmark and Manager of Colab Plug&Play, Denmark
DAVID DOWEManager, Information Security and Privacy, Trillium Health Partners, Canada
RUI GOMESIT Advisor to Administration Board, University Hospital Coimbra Centre (CHUC), Portugal
TONY CLARKEHead of Information Security, ICON Clinical Research, Ireland
STEVE ABRAHAMSONSenior Director, Product Cyber Security, GE Healthcare, USA
SENIOR REPRESENTATIVEIDBS
SIMON WILSONSenior Cyber Security Manager, Darktrace Limited
STEVE JOHNSONEMEA Information Security Manager, Orion Health
SENIOR REPRESENTATIVEGarrison Technology Limited
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
CYBER SECURITY SPEAKERS
CONFIRMED SPEAKERS
JIM NASRVP of Technology & Innovation, Synchrogenix, a Certara company
RAY-JADE CHENSuperintendent, Taipei Medical University Hospital, Taiwan
SEAN MOSS-PULTZCEO, Bitmark Inc.
NAVIN RAMACHANDRANSenior Lecturer, Centre for Blockchain Technologies, University College London, UK
DIMITRA PAPADOPOULOUFounder, German Blockchain for Healthcare and Research Association
ADA JONUSECo-Founder and CEO, Lympo
DISA LEE CHOUNDirector, Head Data Acquisition, UCB
AURÉLIE BAYLELegal Consultant, be-studys/University of Montpellier
KATHERINE MERTONHead of Johnson & Johnson Innovation, JLABS @ NYC, USA
SALLY EAVESCo-Founder & CMO, Project Shivom
NICLAS NILSSONHead of R&D Open Innovation, LEO Pharma A/S
STEFAN WEBERChief Operating Officer, modium.io
MELEK SOMAIFellow in eHealth & Research at the Centre for Cryptocurrency Research & Engineering, Imperial College London
JOHN BASSFounder & CEO, Hashed Health
JAAN PRIISALU (Reserved)Researcher, Tallinn University of Technology, Estonia
AJI BAROTBusiness Development Director, HealthUnlocked
NATALIE FURNESSCommunications Director, MedicalChain
MANREET NIJJARCo-founder & ID physician - Identity and Infectious Diseases, Oxford University NHS foundation Trust/NHS England Clinical Entrepreneur Fellow
ABHIMANYU VERMALead - Applied Technology Innovation, Novartis, Switzerland
PASCAL BOUQUETGlobal Head Technology and Architecture for Global Drug Development, Novartis
MARC PILKINGTONAssociate Professor of Economics, University of Burgundy Franche Comté
STUART LACKEYCEO, Solaster
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
BLOCKCHAIN SPEAKERS
CONGRESS SCHEDULE DAY 1 THURSDAY 3RD MAY 2018
09:00-09:35
08:00-08:50
Global Engage Welcome Address and Morning Chair’s Opening Remarks:
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
Registration & Refreshments
08:50-09:00
10:00-10:3009:35-10:00
RASMUS THEEDEManaging Director, DigitalNations, DenmarkCybersecurity in a connected world• The cybersecurity threats for healthcare in 2018 – myths and facts• Balancing security protection with an innovative business environment• Relieving the legislative pressure – security vs. compliance
Morning Refreshments / One-to-One Meetings10:30-11:40
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT BLOCKCHAIN IN HEALTHCARE CONGRESS
08:00-08:50
Global Engage Welcome Address and Morning Chair’s Opening Remarks:
Registration & Refreshments
08:50-09:00
09:00-09:3509:35-10:00
JIM NASRVP of Technology & Innovation, Synchrogenix, a Certara companyBlockchain for Healthcare and Pharma…one block at a time!Blockchain is relevant for healthcare and pharma. However, it’s not magic—you need to know where and how to use it, and what else to do to get material business results. Blockchain is more than just technology. It is a movement with
economic, business, cultural and technology implications. Healthcare can benefit from blockchain, but we need to separate noise from the signal—that is the aim of this talk. To show you a path through the maze of relevance and practicality. This talk will help to demystify some things and shed light on some other things possibly lost in the hype. The content is based on lessons learned conceiving and implementing blockchain at large scale for public health and later expanded for pharma use cases. What actually works, what doesn’t and where do you start for a given use case
10:00-10:30For sponsorship opportunities contact Nick Best at
Email: [email protected] Tel: +44 (0) 743 208 6048
SOLUTION PROVIDER PRESENTATION
ROBERT JAMIESONChief Information Security Officer, Mallinckrodt Pharmaceuticals, USADigital barbarians at the gate: Winning in the age of cyberWhat we are doing in cybersecurity today is not working. We are continually being exploited by criminal elements, state sponsored actors, and insiders and are unable to stop them using our current cybersecurity practice/technologies. It is time that
we rethink our current practice and shift our paradigm to win at cybersecurity. The concepts of “active defense” and “offensive countermeasures” include how we rethink everything in our digital systems. This thinking is not about technology; rather it is focused on a complete strategic paradigm shift. This presentation will cover the practical aspects of introducing active defense and offensive cyber-countermeasures into your organization with examples and key takeaways.
NAVIN RAMACHANDRANSenior Lecturer, Centre for Blockchain Technologies, University College London, UKBlockchain in Healthcare – Scalability and OwnershipDistributed Ledger Technologies (DLTs, commonly known as blockchains) have been touted as the answer to many of Healthcare’s current problems. In this talk we explore the underlying thinking behind the use of distributed ledgers, and the
problems inherent to current blockchains. We then look forward to the future of next generation DLTs and possible use cases.
SOLUTION PROVIDER PRESENTATION:SIMON WILSONSenior Cyber Security Manager, Darktrace LimitedThe shift to self-learning, self-defending networks• Leveraging machine learning and AI algorithms to defend against advanced, never-seen-before, cyber-threats
• How new immune system technologies enable you to pre-empt emerging threats and reduce incident response time
• How to achieve 100% visibility of your entire business including cloud, network and IoT environments
• Why automation and autonomous response is enabling security teams to neutralize in-progress attacks, prioritise resources, and tangibly lower risk
• Real-world examples of subtle, unknown threats that routinely bypass traditional controls
CONGRESS SCHEDULE
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
DAY 1 THURSDAY 3RD MAY 2018
12:05-12:30
DIMITRA LIVERINetworks and Information Security Expert, ENISA - The EU Cybersecurity Agency, EUSecurity and resilience for eHealth infrastructures and services • The NIS Directive and what it means for
healthcare organisations in terms of security measures and incident notification obligations
• ENISA's work in supporting the implementation of the NIS Directive; NIS posture in the healthcare sector and good practices
• Securing Smart Hospitals: What IoT in tomorrow's hospital mean in terms of security implications, vulnerabilities and threats and good practices to address them
12:05-12:30
DAVID DOWEManager, Information Security and Privacy, Trillium Health Partners, CanadaCombine and conquer: the benefits of a joint cyber security and privacy office in healthcare
• This session highlights the benefits organizations can experience by combining cyber security and privacy teams in a single organizational unit. Drawing on three years of combined privacy and security experience at Trillium Health Partners, a large multi-site hospital, this session demonstrates how one security office's expertise has broadened from technical expertise to a more nuanced understanding of the impact of regulations on technical requirements associated with systems sharing personal information.
• In addition, organizations benefit from the enhanced visibility into projects and initiatives which find their way to either to the privacy or security offices, and as a result, can better respond to and manage the risks these projects present.
12:05-12:30
DATA PROTECTION, EHEALTH AND INTEROPERABILITY IN HEALTHCARE & MEDICAL DEVICES BLOCKCHAIN IN HEALTHCARE CONGRESSBALANCING SECURITY & BUSINESS
11:40-12:05
11:40-12:05
11:40-12:05
SOLUTION PROVIDER PRESENTATION:RUI GOMES IT Advisor to Administration Board, University Hospital Coimbra Centre (CHUC), PortugalSecuring healthcare information – national practices
• The greatest challenges during the implementation of security initiatives and NISD in healthcare. Competencies and budget
• How can harmonisation be achieved in the Healthcare sector regarding cyber security and what should be the starting point?
• Sharing the experience to deal with the Cybersecurity threats and the strategy deployed to overcome in order to comply with the best practices in the sector
STEFAN VAN GANSBEKECISO - Director Risk Security & Legal, CM-MC - Mutual health insurance, BelgiumReinforcing your company's innovation by implementing an effective digital security strategy
• Addressing emerging digital security risks from intelligent automation - AI, machine learning, RPA, IoT, Blockchain, ...
• Developing your digital security strategy to thoroughly cover intelligent automation related risks
• Creating transparency and trust towards the board
DISA LEE CHOUNDirector, Head Data Acquisition, UCBAJI BAROTBusiness Development Director, HealthUnlocked Curlew ResearchCross-Industry collaboration evaluating how Blockchain can Transform the Pharmaceutical and Healthcare Industry, part of Emerging Trends & Technology PhUSE Workgroup• Collaborating with 17 companies across the industry • Understanding the landscape in the pharma and healthcare settings
• Exploring the areas where Blockchain could be used• Presenting two detailed use cases (a. Smart Contract:
Vendor and Site Oversight; b. Distributed Asset Ledger: Patient Data Access/Transparency) to support future development and implementation for proof of concept.
JAAN PRIISALU (Reserved)Researcher, Tallinn University of Technology, EstoniaBlockchain in Estonian E-Health
CONGRESS SCHEDULE
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
DAY 1 THURSDAY 3RD MAY 2018
14:00-14:30RAY-JADE CHENSuperintendent, Taipei Medical University Hospital, TaiwanBlockchain-based personal healthcare record operating system – challenges and opportunities in Taiwan
Taipei Medical University Hospital (TMUH) and Digital Treasury Corporation (DTCO) have been jointly developing a blockchain-based personal healthcare record operating system (phrOS) since winter 2017. With phrOS, we endeavor to empower our patients by increasing data audit transparency as well as creating a seamless cross-hospital and hassle-free insurance claims experience. In a recent field test, we successfully applied blockchain technology to TMUH’s personal health management system, genomic profiles database, smart insurance claims, and patient clinical trials recruitment process. We plan to scale our platform to the entire Taipei Medical Healthcare System in the near future. In order to popularize blockchain application in Taiwan, we created the Healthcare Blockchain Alliance. Our alliance aims to not only promote blockchain, but also to follow Taiwan’s governmental policies regarding the promotion, formulation and standardization of medical data transfer protocols, data-driven medical application development, and public health campaigns.
14:00-14:30
For sponsorship opportunities contact Nick Best atEmail: [email protected]
Tel: +44 (0) 743 208 6048
SOLUTION PROVIDER PRESENTATION
DATA PROTECTION, EHEALTH AND INTEROPERABILITY IN HEALTHCARE & MEDICAL DEVICES BLOCKCHAIN IN HEALTHCARE CONGRESSRISK REDUCTION & VULNERABILITY MANAGEMENT
14:00-14:30
SOLUTION PROVIDER PRESENTATION:SENIOR REPRESENTATIVEIDBSTitle TBC
12:30-12:45
12:30-13:00
SOLUTION PROVIDER PRESENTATION:ALAN CALDERFounder and Executive Chairman at IT Governance Implementing a cyber resilient strategy
and sustaining compliance with the GDPR and NIS Directive• An overview of the current cyber security landscape; threats,
compliance standards and legislation.• The role of senior management in ensuring compliance and
cyber resilience is a strategic focus. • Implementing accountability frameworks in line with the
GDPR and NIS Directive requirements. • The role of a robust staff awareness programme in
supporting a culture of cyber resilience and compliance.• Embedding data protection by design and by default and a
holistic approach to achieving a cyber resilient posture.
12:30-13:00
For sponsorship opportunities contact Nick Best atEmail: [email protected]
Tel: +44 (0) 743 208 6048
SOLUTION PROVIDER PRESENTATION
Lunch13:00-14:00
STUART LACKEYCEO, SolasterTitle TBC
12:45-13:00
Invitation Out
CONGRESS SCHEDULE
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
DAY 1 THURSDAY 3RD MAY 2018
Afternoon Refreshments / One-to-One Meetings15:20-16:10
14:55-15:20
KATRE KUKLASEChief Information Security Officer, Estonian Health Insurance Fund, EstoniaHow to secure data in a connected world• Data ownership and accountability - Examples from the Health Insurance fund: how
to secure data on a national level with different stakeholders- Law supporting cyber security- Justified access to data- Patient empowerment and personal ownership of data- Public awareness
• Preventing fraud (healthcare services, prescription drugs, medical devices) - Security by design on secure platforms- Strong digital identity- Online validation, automatic controls, on time access and verification- Transparency of data usage
• Securing healthcare in collaboration with stakeholders - Collaboration with health care providers and national agencies- Distribution of power – not all in one place- Example: pacemaker hack 29.08.2017
14:55-15:20
14:55-15:20
MADIS TIIKSenior Lecturer, Tallinn University of Technology, EstoniaeHealth in Estonia - Secure data exchange since 2009 • Estonian eHealth System is utilizing the
benefits of national ICT architecture: PKI infrastructure, secure data exchange environment x-road and clear ownership of the data. Full transparency, opt-out approach and citizens’ rights to see all logging information are some of the key-words of Estonian eHealth System.
• Benefits of the national data exchange can come only after integration of all users and acceptance by all stakeholders. This allows to build smart services for citizens and for healthcare providers.
• These developments are very good ground for more personalized medicine. Estonia has all preconditions for successful implementation of personalized medicine – Estonian Genome Bank started giving feedback to donors, we have permissive legislation and trust in society and growing interest among citizens to take more responsibilities.
14:30-14:55
DENISE ANDERSONPresident, National Health Information Sharing and Analysis Center (NH-ISAC), USACollaborative securityThis session will:• Cover the threat landscape for healthcare
• Show the importance of information sharing and the need for a focus on enterprise risk management
• Illustrate with a case study how organizations through collaboration can quickly stay on top of and mitigate threats.
14:30-14:55
14:30-14:55
SEAN MOSS-PULTZCEO, Bitmark Inc.Protecting your personal health data by turning it into digital property• Simple tools for individuals and businesses to generate value from their data.
• Create, transfer, and authenticate digital property.• Trace ownership and attribution without requiring central
authorities or intermediaries.• Case study with UC Berkeley around personal health data.
MANREET NIJJARCo-founder & ID physician - Identity and Infectious Diseases, Oxford University NHS foundation Trust/NHS England Clinical Entrepreneur FellowIdentity & Infectious Diseases: Creating
an epidemic of trust in digital healthcare using Distributed Ledger Technology A story of a personal tale and a problem to solve - highlighting the current issues in identity management in healthcare workers, interwoven with Infectious Diseases treasures and ending with DLT identity solution.
RAM RAMADOSSVice President – Privacy, Information Security, EHR Compliance Oversight, Catholic Health Initiatives, USAChallenges and opportunities in managing cyber risks
• Outline the resource, technology, awareness and financial challenges among small and medium providers to handle emerging security risks and ransomware attacks
• Explore potential opportunities to help small, medium and even large healthcare providers especially from efficient management of cyber risk program
• Call for an active participation by the board members and audit compliance committees in raising the support and investment required for cybersecurity programs
• Highlight key recommendations from the National Cybersecurity Taskforce formed by the Department of Health and Human Services
CONGRESS SCHEDULE DAY 1 THURSDAY 3RD MAY 2018
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
17:00-18:00
SECURITY ROUNDTABLE DISCUSSIONS SESSION 1:
Table 1: Data security measures to take in a digital worldKATRE KUKLASEChief Information Security Officer, Estonian Health Insurance Fund, Estonia
Where are we moving to with the 4 P-s? • Participatory – data given by patients over several different
devices (pacemakers, smartphones, apps, etc)• Personalized – specific and varied healthcare options due to
data provided by patient• Preventive – patients aware of their own health, making
good decisions• Predictive – technological progress that enables predictions
based on past medical history
Table 2: Developing a cyber security strategyTable 3: Security and privacy implications of blockchain in life sciences and healthcareCAROLINE RIVETTCyber Security & Privacy Director, Life Sciences, KPMG London, UK
Blockchain is often considered to be secure. But is it? Caroline will lead a round table discussion into some of the security and privacy implications of blockchain and other distributed ledger technologies.
17:00-17:30
SHUJUN LIProfessor of Cyber Security, School of Computing Director, Interdisciplinary Research Centre in Cyber Security, University of Kent, UKAddressing Cybersecurity and Cybercrime
via a co-Evolutionary aPproach to reducing human-relaTed risks: Healthcare as a use caseIn this talk, the speaker will introduce an ongoing research project funded by EPSRC (Engineering and Physical Science Research Council), which will develop a new socio-technical framework and corresponding software tools for reducing human-related risks. The framework follows a human-in-the-loop and co-evolutionary approach. He will discuss how such a framework can be applied to a healthcare use case, and how people from the health sector may collaborate with the project team.
17:00-18:00BLOCKCHAIN ROUNDTABLE DISCUSSIONS SESSION 1:
Table 1: How to conciliate Blockchain & the right to be forgotten?AURÉLIE BAYLELegal Consultant, be-studys/University of Montpellier
• Blockchain & GDPR• Can a blockchain contain personal data? (Is the public key a
personal data?) • Who’s data controller in the blockchain?
Table 2: Title TBCSIDDHI TRIVEDI
Table 3: Title TBCMARC PILKINGTONAssociate Professor of Economics, University of Burgundy Franche Comté
Table 4: Title TBCSTUART LACKEYCEO, Solaster
16:10-16:35
FRANCK CALCAVECCHIAInformation Security Officer, University Hospitals of Geneva, SwitzerlandMedical devices: safety or security?Incidents like WannaCry or NotPetya impacting hospitals’ operation shouldn’t be
a surprise. The root causes have been well known for years. However a large majority of medical equipments suppliers are still behind. This talk will focus on the challenges that hospitals have to manage that risk with regards to patient life.
TONY CLARKEHead of Information Security, ICON Clinical Research, IrelandProactive security - Cyber simulations & playbooksMany in the security industry feel that security
breaches are not a matter of 'if ' but 'when'. Cyber simulations and Cybersecurity playbooks can be effective tools to prepare for cybersecurity incidents. This session will outline how to develop a cybersecurity playbook and how to utilise simulations to test incident response processes.
IVAN SANCHEZChief Information Security Officer, Sanitas, SpainTitle TBCThis talk will provide an overview of cyber security strategy development at a large healthcare organization
16:10-16:35
DIMITRA PAPADOPOULOUFounder, German Blockchain for Healthcare and Research AssociationBlockchain for eHealth and innovative collaboration models
• The need of Real World Evidence and the role of blockchain• Social vs Patient centric approach where is the difference? What
is needed to design and develop effective ehealth solutions?• What’s now and what's next on the way of digitizing healthcare
16:10-16:35
16:35-17:00
ADA JONUSECo-Founder and CEO, LympoTitle TBCMonetising and ownership of wearable data16:35-17:00
16:35-17:00
RAMÓN SERRESHead of Information Security, Quality and Risk, Almirall, SpainLessons learnt from an information security strategy execution• Background: our company, where we come
from in terms of information security• Security strategy versus security program• Lessons learnt when tackling the regulatory framework,
funding for security, c-level involvement, program execution.
CONGRESS SCHEDULE DAY 1 THURSDAY 3RD MAY 2018
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
17:30-18:00
STEVE WILLIAMSONDirector, IT Governance, Risk & Compliance, GlaxoSmithKline, UKGo Agile and stay secure • Software development methodologies based on Agile are characterised by
evolving requirements and adaptive planning, which helps ensure a continuous delivery of business value through application software
• A common cause of security breaches is vulnerabilities in the application layer. Many of these are easily prevented through the use of secure software development practices and penetration testing. However, these practices were not designed with Agile development in mind
• This presentation will discuss how to embed secure development practices throughout the Agile software development lifecycle, with the aim of delivering secure software on the first and each subsequent release
Chair's Closing Remarks / End of Day 1 / Complimentary Drinks Reception - CONTACT NICK BEST ON +44 (0) 743 208 6048 FOR SPONSORSHIP OPTIONS18:00-19:00
17:00-18:00
17:00-18:00
Continued
Table 4: Incident Response
CONGRESS SCHEDULE DAY 2 FRIDAY 4TH MAY 2018
08:40-09:15
KEYNOTE ADDRESS:CAROLINE RIVETTGlobal Cyber Security Lead for Life Sciences, KPMG, UKMalware, resilience, blockchain and the GDPR: Can security enable better healthcare?Digital health technology of sensors, apps, blockchain and AI offer the promise of better health and care for chronically sick people. With our ever increasing reliance on systems, data and technologies in health and life sciences, we become more exposed to the impact of poor security, a previous lack of investment in systems and the requirements of the GDPR legislation. Drawing on her recent
experiences as a CISO and security consultant to some of the world's largest pharmaceutical companies, Caroline will explore the security risks to healthcare and life sciences companies and the potential solutions available.
08:00-08:40
Global Engage Welcome Address and Morning Chair’s Opening Remarks:
Registration & Refreshments
08:40
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT
09:15-10:05
09:15-09:40
CYBER SECURITY STRATEGY BLOCKCHAIN IN PHARMA & PRECISION MEDICINE
JANET SCOTTExecutive Director, Cybersecurity Engineering, Merck Sharp & Dohme, Czech RepublicMSD Cyber Incident and Lessons Learned • NotPetya – June 2017: How it got into our network and how it spread• How we recovered• Lessons learned
KATHERINE MERTONHead of Johnson & Johnson Innovation, JLABS @ NYC, USABlockchain start-ups and their integration into the healthcare landscape This talk will be a review of blockchain start-ups in the previous three years, examining what they need to succeed and what large corporations (such as J&J) can do to support their growth.
09:40-10:05
NATALIE FURNESSCommunications Director, MedicalChainWhere are we going now?Explore the future of personalised healthcare with Dr Albeyatti. The CEO and Co-Founder of Medicalchain will discuss the importance of patient-centric healthcare, facilitated by blockchain technology. Gain an understanding of how to improve
service efficiency, interprofessional communication and clinical outcomes by building borderless healthcare around personal health data.
10:05-10:35
For sponsorship opportunities contact Nick Best atEmail: [email protected]
Tel: +44 (0) 743 208 6048
SOLUTION PROVIDER PRESENTATION
Morning Refreshments / One-to-One Meetings10:35-11:45
CYBER SECURITY STRATEGY BLOCKCHAIN IN PHARMA & PRECISION MEDICINESECURING MEDICAL DEVICES
11:45-12:15
For sponsorship opportunities contact Nick Best atEmail: [email protected]
Tel: +44 (0) 743 208 6048
SOLUTION PROVIDER PRESENTATION 11:45-12:15
For sponsorship opportunities contact Nick Best atEmail: [email protected]
Tel: +44 (0) 743 208 6048
SOLUTION PROVIDER PRESENTATION 11:45-12:15
For sponsorship opportunities contact Nick Best atEmail: [email protected]
Tel: +44 (0) 743 208 6048
SOLUTION PROVIDER PRESENTATION
10:05-10:35
SOLUTION PROVIDER PRESENTATION:SENIOR REPRESENTATIVEGarrison Technology LimitedTitle TBC
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
CONGRESS SCHEDULE DAY 2 FRIDAY 4TH MAY 2018
12:40-13:05
SALLY EAVESCo-Founder & CMO, Project ShivomProject Shivom – A Blockchain-Powered Digital Genome Repository
12:15-12:40
KEYNOTE ADDRESS:JIM JACOBSONChief Product and Solution Security Officer, Siemens Healthineers, USAPractical solutions for mitigating cybersecurity challenges in connected medical devices
With the rise of sophisticated technologies and software used in connected medical devices, manufacturers are now working vigorously to implement additional safeguards to minimize cybersecurity risks. Until recently, medical device companies haven’t planned a comprehensive security program that takes into account the security of the software for the duration of the lifecycle; however, the FDA has recently encouraged medical device manufacturers to collaborate with ethical hackers, those who uncover and rectify vulnerabilities and flaws, to assist in the development and ongoing management of devices which minimize security flaws. While there is no “one size fits all” solution to device cybersecurity, industry professionals will benefit from a greater understanding of common challenges associated with connected medical devices and solutions for fixing them. This presentation will focus on the following cybersecurity related areas:• The elements of a comprehensive security program• Overcoming the hidden costs of insecure legacy devices• Implementing effective vulnerability management• Information sharing beyond regulatory expectations
12:15-13:05
SECURITY ROUNDTABLE DISCUSSIONS SESSION :
Table 1: Business Continuity & ResilienceNEIL QUIOGUEDirector of Information Security, McKesson, IrelandIn 2017, a number of global ransomware events
impacted a number of organisations resulting in hundreds of millions of dollars in costs from loss of sales to cost of remediation. With this, resiliency has become a focus area for a number of organisations. Has resilience been discussed within your organisation? What does being resilient mean to you and your organisation? Have you identified all components of your business processes including reliance on third parties? How long will your organisation be able to ship products if your manufacturing is impacted? Join us in this round table to discuss and share your experience in improving resiliency in organisations. We won't solve it in one sitting but this will hopefully spark future discussions and collaboration among our organisations.
Table 2: SegmentationJANET SCOTTExecutive Director, Cybersecurity Engineering, Merck Sharp & Dohme, Czech Republic
• What should be considered for segmentation? (network traffic, privileged accounts, data centers, etc.)
• How should they be segregated? (by region of the world, by business units, etc.)
• How much granularity makes sense?• How does your company get the greatest impact with the
least effort?
Table 3: A search for the ultimate digital risk and risk investments dashboardingSTEFAN VAN GANSBEKECISO - Director Risk Security & Legal, CM-MC - Mutual health insurance, Belgium
Why is it so difficult to create a business case for security initiatives? Let us explore and exchange good reporting and dashboarding examples that makes our cyber and digital risk management life easier.
Table 4: GDPR & the relationship between information governance & security
12:15-12:40
JOHN BASSFounder & CEO, Hashed HealthBlockchain's Promise for Speeding Drugs to Market2018 is proving to be a breakout year for blockchain-based solutions for the Life
Sciences industry. This presentation will provide a forum to discuss pharma-related use cases that are active within the Hashed Health ecosystem including:• track & trace• outcomes data collection• clinical trials• reducing the distance between pharma and the consumer• PBMs• registries• value-based / indication-based payments
12:40-13:05
WILLIAM HAGESTADSenior Principal Cyber Security Engineer, R&D, Smiths Medical, USAThe future of cyber warfare in healthcareIs your company or health service protected against cyber warfare? In an increasingly digital
environment, strong cyber defences are essential to survival. Lieutenant Colonel, USMC (Retired) Bill Hagestad will elaborate on the future of cyber warfare in healthcare and the implications for the medtech industry from a corporate and product point of view. Mr. Hagestad is an internationally recognized and respected authority on cyber warfare having published three books on the topic and currently leads the cyber & information security engineering development for Smiths-Medical. Objectives:• To elaborate on the current and future state of play of cyber
warfare in healthcare with a focus on the MedTech industry.• To give a frank assessment of the current preparedness of the
MedTech industry and how to cope with future trends.
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
CONGRESS SCHEDULE DAY 2 FRIDAY 4TH MAY 2018
14:15-14:40
ABHIMANYU VERMALead - Applied Technology Innovation, Novartis, SwitzerlandTitle TBC• Blockchain Use cases in Pharma• Blockchain and counterfeiting
• Healthcare Blockchain Ecosystem• Why Healthcare needs a Blockchain consortium
14:15-14:40
JASON MEDEIROSSenior Vice President, Hosting, American Well, USABuilding an efficient cyber security program in healthcareBuilding a cybersecurity program can be
complex and costly for any organization, especially companies working with sensitive healthcare information. As healthcare technology systems come under increasing threats, it is more important than ever to weave cybersecurity into your organization’s DNA - from the entry level employee to the C-Suite. This presentation will discuss how to gain insight into what threatens your organization, and how you can enlist your entire workforce to practice continuous cyber self-defense.
14:15-14:40
GARVAN LYNCHSuperintendent Pharmacist, Lynch’s Pharmacy, IrelandIntegrated security plan for medical device software: scalability and the lifecycle• Integrated security plan: key activities to
ensure scaling up operations, lifecycle coverage, successful interaction with regulators.
• Six foundations addressing design, risk management, operations, users, incident response, service enhancements, based on a detailed, ongoing regulatory review.
• Security experience from designing the system and interaction with regulators and sponsors on a novel pharmacy patient and medication monitoring service.
14:40-15:30
BLOCKCHAIN ROUNDTABLE DISCUSSIONS SESSION 2:
Table 1: Expectations and pain points – what problems can blockchain realistically solve for healthcare and how do we go about doing it
NICLAS NILSSONHead of R&D Open Innovation, LEO Pharma A/SAs with many new technologies expectations are high as blockchain promises are made broadly and generously. But how can we move from thinking what great potential blockchain holds for healthcare and pharma to actual implementation and overcoming hurdles and gaps? Looking at Healthcare from the Pharma R&D angle, we will discuss topics that will help identifying realistic pain points, hurdles to achieve solutions and real world use cases – but from both the technical blockchain as well as the healthcare use perspective.Discussion topics include:• Language barrier• Thinking big or small• The true benefits of using distributed ledgers in healthcare
and pharma• Culture of working• Applying open innovation in pharma powered by blockchain
Table 2: How do we accelerate Blockchain adoption in Healthcare?PASCAL BOUQUET Global Head Technology and Architecture for Global Drug Development, Novartis
• Blockchain healthcare promises to improve the way medicines are developed, manufactured and delivered to patients - all while
14:40-15:05
14:40-15:05
MICHAEL MCNEILGlobal Product Security & Services Officer, Philips Healthcare, USATitle TBCThis talk will focus on key security challenges facing medical device manufacturers, and developing a cyber security strategy that addresses these challenges
Lunch13:05-14:15
STEVE JOHNSONEMEA Information Security Manager, Orion HealthTake the red pill: managing the rabbit hole of healthcare threatsMedia headlines and political soundbites
regularly criticise the activities and efforts of the health and social care sector. In addition, 2017 saw the unprecedented impact of Wannacry malware and the difficulties to recover from that incident. It clearly demonstrated that security risks are realised as clinical risks to individuals in care. Against this backdrop, the health and social care sector is being disrupted to enable improvement. There is a clear drive to improve population health and avoid or reduce the need for clinical intervention through proactive health engagement and self-care of chronic conditions at home or with localised care support. Digital health and social care systems from IoT medical devices to in-hospital clinical care systems are rapidly growing in diversity and interconnected complexity to support that initiative. This presents unique challenges to manage risks and emergent threats. In this presentation we'll 'take the red pill and see how deep the rabbit hole goes', looking at the scope and scale of the challenge, some of the less well-known threats and the treatments being applied to keep our health care systems healthy.
PROGRAM STRATEGY, IMPLEMENTATION & EXECUTION BLOCKCHAIN IN HEALTHCARESECURING MEDICAL DEVICES
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
CONGRESS SCHEDULE DAY 2 FRIDAY 4TH MAY 2018
KATRINE VEDELSpecial Advisor, Health Innovation Centre of Southern Denmark and Manager of Colab Plug&Play, DenmarkInteroperability and infrastructure for point-of-care and mobile devices in the patients’ own home• Learn how Colab Plug&Play – a test and demonstration lab, dedicated to digital healthcare solutions and part of the innovation efforts in the Region of Southern Denmark – engages in public-private collaboration and innovation by utilizing the national infrastructure and standards for interoperability in Denmark.
• Learn how standards and infrastructure components can be used to support both innovation and cyber security at the same time.• Sounds interesting? - Find out how you can be part of it as well.
Conference Close15:55
15:30-15:55
15:30-15:55
increasing the trust between all involved parties.• If there is an increased interest across the industry to adopt
blockchain and create value, initiatives continue to be driven by a limited number of industry members and consultancies.
• An uncoordinated approach runs the risk that benefits to patients and the industry may take many years to mature and materialize, especially considering the environment’s complexity and amount of coordination required to achieve tangible outcomes.
• How do we band all together to accelerate Blockchain adoption?
Table 3: Blockchain for Pharma/Medtech LogisticsSTEFAN WEBERChief Operating Officer, modium.io• Transport in highly regulated environments
• Prescribed and monitored environmental conditions• Falsified medicines• Trust and data portability between a multitude of worldwide actors • Common practical issues and sources of (compliance)
excursions and irregularities
Table 4: Blockchain for Clinical Trials and Life SciencesMELEK SOMAIFellow in eHealth & Research at the Centre for Cryptocurrency Research & Engineering, Imperial College London
• What are the opportunities of blockchain/DLTs in Life Sciences and clinical trials?
• What are the bottlenecks (regulation, etc.) that impede blockchain in Life Sciences?
• What are the current use cases in Life Sciences?
STEVE ABRAHAMSONSenior Director, Product Cyber Security, GE Healthcare, USAThe Greatest Challenge: Post-Market Cyber Risk Management for Medical Devices Managing post-market risk in medical
devices is perhaps the most challenging aspect of medical device cyber security. Different stakeholder groups and interests intersect including patient data protection, patient safety, and device availability. Additionally, cyber security risk must be viewed within the complete context of Healthcare delivery, not as a stand-alone risk category. This presentation will explore best practices for device manufacturers and how collaboration between device manufacturers and health care providers is the key to managing risk. Areas of discussion will include:• Concepts of assessing risk within products placed on the market• Incorporating post market risk management within a cyber
security program• Regulatory considerations: integrating with the Quality
Management System• Creating a shared view of risk within Healthcare
15:05-15:30
NEIL QUIOGUEDirector of Information Security, McKesson, IrelandSo you've implemented your security programme, now what?Your organisation undertook a multi-year effort
to implement a security programme. Now that you are nearly done with the 'Build' phase, you need to move to the 'Run' phase. How ready is your organisation to do 'Run' and continuously improve upon what you have implemented in an ever-changing business environment and cybersecurity threat landscape? In this session, we will talk about some of the lessons learned as an organisation transitioning to the 'Run' phase to help ensure that the programme is sustained for years to come.
15:05-15:30
PRE-CONFERENCE WORKSHOP
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018
WORKSHOPPre-Conference Workshop
Sponsored by:
Join us for a chance to collaborate with other healthcare providers, medical device manufacturers and biotech/pharma stakeholders in a free interactive forum.
Registration is complimentary
Potential Medical Device Agenda topics to include:• Security Testing Before Deploying Critical and High Risk Medical Devices
• IoT Tools Used by Medical Device Manufacturers and Health Systems to Scan Medical Devices• Responsibly Communicating Vulnerabilities to Health Systems
• Life Cycle Management of Connected Medical Devices• More to come….
Potential BioTech/Pharma Agenda topics to include:• Current Pharmaceutical Threat Landscape
• Cloud Security and Compliance• General Data Protection Regulation
• Distributed Trust Models – The Blockchain in Security• More to come….
CPE's may be available to attendees. You must self-certify with an organisation such as ICS2 or ISACA
See NH-ISAC’s presentation at Global Cyber Security in Healthcare and Pharma Summit May 3-4th.Register at www.global-engage.com/event/cyber-security-summit
**NOTE – Attendance Restrictions: NH-ISAC restricts attendance to its respective members, potential members, and related industry interested parties. Companies selling a product of interest are required to provide sponsorship to obtain access to the event, and members
of the media are not allowed. NH-ISAC reserves the right to cancel and/or refund any admission that does not meet our criteria.
Medical Device and Pharmaceutical Security Workshop
Wednesday May 2nd 20188:30am-4:30pm
Radisson Blu Edwardian, Heathrow, London1 Day Prior to Global Cyber Security in Healthcare & Pharma Summit
VENUE INFORMATION
Radisson Blu Edwardian Heathrow,140 Bath Road, HayesMiddlesex, UB3 5AW, England
The award-winning Radisson Blu Edwardian, Heathrow hotel feels anything but an airport hotel. The grand lobby with glass chandelier, ornate marble staircase and striking Eastern artwork all contribute to a luxury stay. Our bedrooms combine modern comfort with attractive furnishings and the latest technology. The hotel offers three fabulous dining options - Steak & Lobster, Bijou Lounge Bar and Indian restaurant, Annayu; and a tranquil spa, Pegasus.
Ideally located 10 minutes from Heathrow Airport by free public transport or the Hotel Hoppa bus, central London can also be reached in 30 minutes. With Crossrail opening in December 2019, it'll soon be even quicker and easier to reach us.
GLOBAL CYBER SECURITY IN HEALTHCARE & PHARMA SUMMIT / BLOCKCHAIN IN HEALTHCARE CONGRESS 2018