Matt Trevors is a senior member of the technical staff with the CERT Division of the Software Engineering Institute at Carnegie Mellon University. As a member of the Cybersecurity Assurance team, he supports various U.S. government agencies as they continue to augment the cybersecurity resiliency of the U.S. critical infrastructure.
Before joining the team at CERT, Matt acquired almost two decades of experience in the trenches of information technology, with the majority of that time spent in the healthcare field.
Matt is a graduate of Boston University's Master of Computer Information Systems Program where he graduated in 2015 with concentrations in health informatics and security. Matt is also a graduate of the University of New Brunswick's Bachelor of Computer Science Program (1999), a Certified Information Systems Security Professional (CISSP), a Certified Cloud Security Professional (CCSP), and a Certified Ethical Hacker (CEH).
For small and medium healthcare institutions developing security controls that meet the requirements of the HIPAA Security Rule can be a daunting task. What's more, is addressing the requirements of the HIPAA Security Rule even sufficient to secure your patient’s data?
To help organizations create an effective security program and begin to meet the needs of the HIPAA Security Rule, in this session, CERT Senior Cyber Security Engineer Matt Trevors explains how to use the Center for Internet Security’s Critical Security Controls (CIS CSC).
He'll also discuss the Cyber Resilience Review (CRR), a free assessment tool that can be used by any organization to evaluate their security program.
Key takeaways:
Obtain a high level understanding of the CIS CSC and where to find them.
Know how the CIS CSC can help you address the HIPAA Security Rule requirements.
Gain a high level understanding of the DHS Cyber Resilience Review and how to schedule an assessment.
One of the most valuable ways to learn is through interaction with your peers. Our “Total Engagement” session will provide an opportunity to meet speakers and attendees who have similar privacy and security challenges and discuss solutions to those challenges. Mingle, share and learn in this interactive environment.
Here's how it works:
Speakers will be stationed at different tables in the ballroom and attendees can circulate and speak one-on-one or in groups with individual speakers.
This is a great opportunity to gather information that addresses your organization’s specific privacy or cybersecurity challenges.
Speaker Line-up:
