San Francisco, CA
May 11-12, 2017

Matt Trevors

Senior Cybersecurity Engineer, Cybersecurity Assurance Team
CERT, Software Engineering Institute, Carnegie Mellon University

Matt Trevors is a senior member of the technical staff with the CERT Division of the Software Engineering Institute at Carnegie Mellon University. As a member of the Cybersecurity Assurance team, he supports various U.S. government agencies as they continue to augment the cybersecurity resiliency of the U.S. critical infrastructure.

Before joining the team at CERT, Matt acquired almost two decades of experience in the trenches of information technology, with the majority of that time spent in the healthcare field.

Matt is a graduate of Boston University's Master of Computer Information Systems Program where he graduated in 2015 with concentrations in health informatics and security. Matt is also a graduate of the University of New Brunswick's Bachelor of Computer Science Program (1999), a Certified Information Systems Security Professional (CISSP), a Certified Cloud Security Professional (CCSP), and a Certified Ethical Hacker (CEH).

May 12, 2017
11:25am - 12:00pm
Grand Ballroom

For small and medium healthcare institutions developing security controls that meet the requirements of the HIPAA Security Rule can be a daunting task. What's more, is addressing the requirements of the HIPAA Security Rule even sufficient to secure your patient’s data? 

To help organizations create an effective security program and begin to meet the needs of the HIPAA Security Rule, in this session, CERT Senior Cyber Security Engineer Matt Trevors explains how to use the Center for Internet Security’s Critical Security Controls (CIS CSC). 

He'll also discuss the Cyber Resilience Review (CRR), a free assessment tool that can be used by any organization to evaluate their security program.

Key takeaways:

Obtain a high level understanding of the CIS CSC and where to find them.

Know how the CIS CSC can help you address the HIPAA Security Rule requirements.

Gain a high level understanding of the DHS Cyber Resilience Review and how to schedule an assessment.

May 12, 2017
10:45am - 11:25am
Grand Ballroom

One of the most valuable ways to learn is through interaction with your peers. Our “Total Engagement” session will provide an opportunity to meet speakers and attendees who have similar privacy and security challenges and discuss solutions to those challenges. Mingle, share and learn in this interactive environment.

Here's how it works:

Speakers will be stationed at different tables in the ballroom and attendees can circulate and speak one-on-one or in groups with individual speakers.

This is a great opportunity to gather information that addresses your organization’s specific privacy or cybersecurity challenges.

Speaker Line-up:

  • Jane Harper, Henry Ford Health System: Risk Management
  • Dan Bowden, Sentara Healthcare: Network Segmentation, Two-Factor Authentication
  • Jamie Lam, UCSF School of Medicine: Shadow IT, Cloud Computing
  • Sharon Klein, Pepper Hamilton: Mobile Medical Applications
  • Kevin Fu, University of Michigan: Medical Device Security
  • Matt Trevors, CERT: Insider Threats, Social Engineering
  • Darin Prill, Children's Mercy Hospital, Incident Response
  • Kim Jones, Arizona State University: Metrics
  • Allen Briskin, Pillsbury Winthrop Shaw Pittman: HIPAA Compliance
  • Terry Ziemniak, Carolinas Healthcare System: Leadership and Communicationt

Get Updates

Sign up to get the latest information on upcoming events.