San Francisco, CA
May 11-12, 2017

Matt Trevors

Senior Cybersecurity Engineer, Cybersecurity Assurance Team
CERT, Software Engineering Institute, Carnegie Mellon University

Matt Trevors is a senior member of the technical staff with the CERT Division of the Software Engineering Institute at Carnegie Mellon University. As a member of the Cybersecurity Assurance team, he supports various U.S. government agencies as they continue to augment the cybersecurity resiliency of the U.S. critical infrastructure.

Before joining the team at CERT, Matt acquired almost two decades of experience in the trenches of information technology, with the majority of that time spent in the healthcare field.

Matt is a graduate of Boston University's Master of Computer Information Systems Program where he graduated in 2015 with concentrations in health informatics and security. Matt is also a graduate of the University of New Brunswick's Bachelor of Computer Science Program (1999), a Certified Information Systems Security Professional (CISSP), a Certified Cloud Security Professional (CCSP), and a Certified Ethical Hacker (CEH).

May 12, 2017
11:25am - 12:00pm
Grand Ballroom

For small and medium healthcare institutions developing security controls that meet the requirements of the HIPAA Security Rule can be a daunting task. What's more, is addressing the requirements of the HIPAA Security Rule even sufficient to secure your patient’s data? 

To help organizations create an effective security program and begin to meet the needs of the HIPAA Security Rule, in this session, CERT Senior Cyber Security Engineer Matt Trevors explains how to use the Center for Internet Security’s Critical Security Controls (CIS CSC). 

He'll also discuss the Cyber Resilience Review (CRR), a free assessment tool that can be used by any organization to evaluate their security program.

Key takeaways:

Obtain a high level understanding of the CIS CSC and where to find them.

Know how the CIS CSC can help you address the HIPAA Security Rule requirements.

Gain a high level understanding of the DHS Cyber Resilience Review and how to schedule an assessment.

May 12, 2017
10:45am - 11:25am
Grand Ballroom

One of the best ways learn is to network with your peers. This session will provide an opportunity to meet speakers and attendees who have similar privacy and security challenges and discuss solutions to those challenges.

Here's how it works:

Speakers will be stationed at different tables in the ballroom, and attendees can circulate and speak one-on-one or in groups with individual speakers. The speakers have been assigned different topics, but other topics can also be addressed.

Mingle, share and learn in this interactive environment.

Speaker Line-up

  • Darren Lacey, CISO, Johns Hopkins Medicine – Endpoint Security & Pen-testing
  • Darin Prill, Senior Director, Children’s Mercy Kansas City – Incident Response
  • Chad Wilson, Director of Information Security – Network Segmentation
  • Anahi Santiago, CISO, Christiana Care Health System – Medical Device Security
  • Heather Roszkowski, CISO, University of Vermont Health Network – Cybersecurity Strategy
  • Bruce James, Director of Security Architecture, Intermountain Healthcare – Identity & Access Management
  • Phil Alexander, Director of Information Security, UMC Health System – Security Automation
  • John Houston, VP, Privacy & Information Security, UPMC – 3rd Party Risk Management, Cloud Security
  • Sanjeev Sah, CISO, Texas Children’s Hospital – Mobile Device Management

Get Updates

Sign up to get the latest information on upcoming events.