BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: Enhancing Cybersecurity Resilience in the Brazilian Healthcare\n Sector: A Novel Red Team and Blue Team Methodology\n When : Saturday\, Aug 12\, 15:30 - 16:10 PDT\n Where: Flamingo - Laughlin I\, II\,III - Biohacking Village - [1]Map\n Speakers:Arthur Paixão\,Diego M ariano\n\n SpeakerBio:Arthur Paixão\n Arthur: 14 years of experience\ , possesses expertise in offensive\n security and threat intelligence in the financial and healthcare\n sectors.\n\n SpeakerBio:Diego Mariano \, CISO at Albert Einstein Hospital\n Diego: In cybersecurity for 20 yea rs\, currently holding the CISO\n position at Albert Einstein Hospital. Beyond professional dedication\,\n a passionate practitioner of kriya yo ga and meditation.\n\n Description:\n This paper presents a novel meth odology that combines red team and\n blue team exercises to enhance cybe rsecurity resilience in the\n Brazilian healthcare sector. The methodolo gy is designed to go beyond\n the traditional roles of red teams and blu e teams. It incorporates\n threat injection exercises with a newly creat ed prioritization method\,\n training the Red Team to assist the CSIRT i n responding to incidents\n and creating a new role for the Red Team. Ad ditionally\, a new\n technique called Offensive Intel monitors the threa t landscape of\n competitors and provides insights on how to protect our own landscape.\n The methodology also incorporates techniques to deal w ith VIP patient\n data and policies to control staff curiosity. Some rea l-life use cases\n will be presented to evidence the effectiveness of th e methodology.\n One such use case involved an almost successful attempt to destroy\n medical equipment during a penetration testing exercise an d how to not\n do it again. Another one presents vulnerabilities identif ied in air\n conditioning controllers\, EMR systems\, and exam results s ystems that\n are used in the entire country. And two incidents that wer e\n successfully contained with the help of threat injection and offensi ve\n intel. The methodology's effectiveness also led to the inference of \n the Brazilian TOP 10 Vulnerabilities in the Healthcare Sector\, based \n on findings across systems used throughout the country. The list\n provides insights into the most critical vulnerabilities facing\n health care institutions in Brazil and will be presented at the\n conference. T he vulnerabilities were categorized by the degree of harm\n they can inf lict on patients and the impact on healthcare services.\n The methodolog y's results also drove to the development of a tool that\n assists other cybersecurity teams in conducting safe red and blue team\n exercises in the healthcare sector. The tool augments cybersecurity\n resilience by improving the capabilities of CSIRT and threat intel\n teams and is valu able to other cybersecurity professionals in the\n industry. In conclusi on\, the novel methodology provides a unique\n approach to enhancing cyb ersecurity resilience in the Brazilian\n healthcare sector. The incorpor ation of threat injection exercises\,\n Offensive Intel\, and a new role for the Red Team offers a\n comprehensive and effective approach that g oes beyond traditional red\n team exercises. The methodology and tool ca n be replicated and the\n approach's effectiveness has been demonstrated through real-life use\n cases and the creation of the TOP 10 Vulnerabil ities in the Healthcare\n Sector in Brazil. By adopting this methodology \, healthcare\n institutions in Brazil and around the world can better p rotect patient\n data and improve cybersecurity resilience.\n '\n\n 1. #FlamingoThirdFloor\n\n\n DTEND:20230812T231000Z DTSTART:20230812T223000Z LOCATION:BHV - Flamingo - Laughlin I\,II\,III - Biohacking Village SUMMARY:Enhancing Cybersecurity Resilience in the Brazilian Healthcare Sect or: A Novel Red Team and Blue Team Methodology END:VEVENT END:VCALENDAR