HIMSS Privacy and Security Forum in Boston

We took a red eye flight from SFO to Boston on Sunday to attend the HIMSS Privacy and Security Forum in Boston. Note to self: Don't take cross country, red eye flights on Sundays. Yikes. We landed so early we rented a room at a discount hotel for six hours just to catch up on sleep. The weather was cold and slushy as we arrived to the Westin Boston Waterfront. It was even colder however, during our Boston trip in April for the Medical Informatics World Conference.

HIMSS Privacy Workshop - Threat Intelligence: Head Off Attacks Before The Damage Is Done

I attended the session put on by Denise Anderson, Executive Director of NH-ISAC. Her presentation centered around sharing threat intelligence by NH-ISAC, the nation’s Healthcare and Public Health Information Sharing and Analysis Center. They are responsible for making public all-hazards (physical and cyber) to our nation’s critical security infrastructure resilient.

  Locky Ransomware still making the rounds in December 2016

Here are some things I learned from the session, Threat Intelligence: Head Off Attacks Before The Damage Is Done

• Hollywood Presbyterian Medical Center was hacked via a JBOSS vulnerability
• Locky Ransomware is still making the rounds among US healthcare systems
• STIX is a structured language for cyber threat intelligence. It has over 125 organizations as members.

HIMSS Privacy Session - Prepare and Protect: A Multi-Pronged Approach To Thwart Threats

I also heard Arthur Ream's presentation on his proactive work as Chief Information Security Officer at Cambridge Health Alliance (CHA). Art outlined the steps CHA has taken to successfully secure its systems, including implementing new solutions, exploring new technologies, training providers and staff, and conducting preparedness drills.

I was especially impressed by his ongoing efforts to launch phishing campaigns, as a preventative training measure, upon his own userbase. Afterwards, Art told me there's a steak dinner bounty among his staff for whoever can trick him into clicking on a phishing link. I thought that was pretty cool.

We're off to a Bruins game this evening. Looking forward to tomorrow.

SEE ALSO: Medical Informatics World Conference in Boston

SEE ALSO: Privacy and Security Social Mixer in Boston