Photo: Kindamorphic/Getty Images
With cyberthreats against hospitals and health systems growing more targeted, automated and disruptive, healthcare organizations are being forced to rethink cybersecurity as a core business and patient-safety function rather than a purely technical discipline.
The role of the healthcare chief information security officer is expanding from operational defender to executive leader responsible for resilience, regulatory readiness, workforce development, and alignment with enterprise strategy.
Industry collaboration, shared intelligence and common risk frameworks are increasingly viewed as essential to building sustainable, sectorwide defenses.
Here's a look at just a few of the sessions healthcare security leaders can learn from at the upcoming pre-conference Healthcare Cybersecurity Forum at HIMSS26 in Las Vegas next month.
Cyber Recovery at the Speed of Patient Care
Joye Purser, global field CISO at Cohesity, will discuss how healthcare organizations are redefining cyber resilience around recovery readiness as cyberthreats and system interdependencies increase the operational impact of disruptions across patient care and business operations.
She will examine how health systems are embedding resilience into cross-functional security strategies, simplifying complex hybrid environments, and aligning cyber recovery planning with clinical and operational priorities to enable faster, more confident restoration of services and sustained continuity of care.
Real-World Cyber Recovery Strategies From Healthcare's Front Lines
Lessons learned from real-world healthcare cyber recovery incidents will be the focus of this session, as Tamer Baker, healthcare CTO at Zscaler; Todd Felker, executive healthcare strategist at CrowdStrike; and Josh Howell, field CTO for healthcare at Rubrik, share their experiences supporting healthcare organizations through active security events and recovery operations.
The discussion will examine how to design resilient recovery strategies that reduce downtime; integrate backup, endpoint and network security technologies into a coordinated recovery posture; and apply practical testing and validation approaches to ensure organizations are ready to restore critical clinical and operational systems when disruptions occur.
United Front: Strengthening Cybersecurity in Rural and Vulnerable Healthcare Systems
Cyberattacks are an escalating risk for rural healthcare organizations, where limited budgets, staffing shortages and aging infrastructure often constrain traditional security approaches.
In this panel, Tianna Fallgatter, director of business development at The Rural Collaborative; Garrett Hagood, CISO at the Coastal Bend Regional Advisory Council; Jim Roeder, CIO and VP of information technology at Lakewood Health System; and Greg Sieg, CISO at Michigan Medicine, will share how rural and regional providers are building practical, low-cost cyberdefense strategies through collaboration, shared services and mutual aid networks to improve resilience against growing threats.
AI vs. AI: How Healthcare Is Fighting Fire With Fire in Cybersecurity
As it is nearly everywhere else, artificial intelligence is now a central issue in healthcare cybersecurity, as attackers leverage the technology to target connected medical devices, patient data and clinical workflows. Health systems are under pressure to respond without disrupting care delivery – and many are finding success with AI-enabled defenses.
In this session, Dennis Chornenky, executive director, Valid AI; Proofpoint Chief Strategy Officer Ryan Kalember; Stanford Children's Health CISO Robert Maclay; and Kristen Ray, enterprise security architect, Universal Health Services, share frontline perspectives on how AI-driven attacks are changing the threat landscape, and how AI technologies are managing the threats.
Toward a Cure for Healthcare Ransomware: Innovation and Impact
More than a decade since it first burst onto the cybersecurity scene, ransomware remains one of the most persistent and dangerous threats facing hospitals, with operational and patient-safety pressures often leaving organizations few viable options when under attack.
In this session, Christian Dameff and Jeff Tully, co-directors of the UC San Diego Center for Healthcare Cybersecurity, draw directly on their clinical and research work supporting hospitals during real ransomware incidents to explain how early-warning and rapid-response technologies being developed at UC San Diego aim to turn ransomware from a systemwide crisis into a recoverable operational disruption.
The HIMSS26 pre-conference Healthcare Cybersecurity Forum is scheduled for Monday, March 9, from 8 a.m.-5 p.m., in Level 3, San Polo 3501A.
