Cybersecurity Awareness & Response Lunch & Learn

Wednesday, May 25th, 2022
Noon to 1 p.m.
Join us Virtually or In-Person

The California Life Sciences Headquarters
685 Gateway Blvd., Suite 100
South San Francisco, CA 94080

Lunch & Learn Agenda presented by ICE Consulting and Securonix. Reasons to attend? Consider these sobering facts on Cybersecurity incidents:

Since 2020, there has been over a five-fold increase in data breaches. This unprecedented spike has been so severe security experts have classified this activity as a “Cyber Pandemic.” The 2021 Annual Cost of a Data Breach Report published by the Ponemon Institute and IBM Security released these alarming statistics:

Data breach costs rose from $3.86 million to $4.24 million, the highest average total cost in the history of this report.
The average cost of a data breach for organizations with less than 500 employees was 2.94 million.
Customer personally identifiable information (PII) was the most common type of record lost, included in 44% of breaches and was the costliest record type, at $180 per lost or stolen record.
The Healthcare and Pharmaceutical Industries, which the report categorized both the biotech and life science sectors under, had the highest average total cost of a data breach experienced by any industry (Healthcare ranked #1, and Pharmaceutical #3).

Agenda

Noon:

Cyber Pandemic impact on the Life Science industry

12:10 – 12:25 pm

Cybersecurity challenges under current business and political environment

12:25 – 12:45 pm

Solutions of addressing cybersecurity challenges

12:45 – 1:00 pm

Q&A

All attendees will receive a $25 Amazon Gift Card

Guest Speaker

David Swift – Cybersecurity expert, professional speaker. There’s not much in security that David hasn’t done: consultant to Microsoft, Apple, Visa, Chevron, Amex; publications and articles; presentations at IBM, HP, and McAfee conferences; evangelism and business development for multi-million dollar businesses; management of teams from 15 to 150.

Omer Ayfer – An Adjunct Professor at Merritt College in the premier cybersecurity program. Omer hosts executive education sessions on topics such as AI/ML, cloud computing, blockchain, cryptography, and cybersecurity to a wide variety of audiences including as a guest lecturer at the Haas School of Business in Berkeley.

Your Hosts

ICE Consulting – was founded in 1997 by Uzair Sattar, and has been a CLS member for over a decade as a managed IT and managed security service provider in the power purchasing program.

Securonix – has delivered a next-generation security analytics and operations management platform for the modern era of big data and advanced cyber threats since 2007.

International Organization for Standardization (ISO)
ISO compliance is achieved when an organization meets the requirements outlined in a specific standard developed by the International Organization for Standardization (ISO). ISO has developed thousands of standards that cover all areas of business. These ISO frameworks are used by organizations to embed internationally standardized business practices.
×
×
WordPress Popup
Health Insurance Portability and Accountability Act (HIPAA)
Compliance with the U.S. Health Insurance Portability and Accountability Act (HIPAA) requires companies that deal with protected health information (PHI) to have physical, network, and process security measures in place and follow them. HIPPA laws are a series of federal regulatory standards that outline the lawful use and disclosure of protected health information in the United States.
×
×
WordPress Popup
Health Information Trust Alliance (HITRUST)​
The Health Information Trust Alliance (HITRUST) is a non-profit company that delivers data protection standards and certification programs to help organizations safeguard sensitive information, manage information risk, and reach their compliance goals. HITRUST stands out from other compliance frameworks because it harmonizes dozens of authoritative sources such as HIPAA, SOC 2, NIST, and ISO 27001. It is also the only standards development organization with a framework, assessment platform, and independent assurance program, which has helped drive widespread adoption.
×
×
WordPress Popup
Clinical Laboratory Improvement Amendments (CLIA)
Clinical Laboratory Improvement Amendments (CLIA) of 1988 contains the Code of US Federal Regulations that govern any entity that returns patient test results for the purposes of caring for that patient. CLIA ensures that there is a standard of quality associated with test results across laboratory testing performed on specimens from humans such as blood, body fluid, and tissue, for the purposes of diagnosis, prevention, or treatment of disease or assessment of human health. This ensures the accuracy, reliability, and timeliness of laboratory test results regardless of where the test was performed.
×
×
WordPress Popup
National Institute of Standards and Technology (NIST)​
NIST was created to improve U.S. innovation and competitiveness across industries “by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.”
Today, NIST remains one of the nation’s oldest physical science laboratories with a focus on three core competencies:
1. Measurement science
2. Rigorous traceability
3. Development and use of standards
NIST’s technical contributions to the development of information security standards have saved private industries more than $1 billion and drive consumer and business confidence.
×
×
WordPress Popup
General Data Protection Regulation (GDPR)
The goal of GDPR is to provide more stringent data privacy and security measures and more user-friendly disclosures and reporting on data protection practices. The regulations aim to allow individuals to control the use and storage of their own data, including any personally identifiable information.
×
×
WordPress Popup
Sarbanes-Oxley Act (SOX)​
The Sarbanes-Oxley (SOX) Act of 2002 was passed by the United States Congress into law to cut down on corporations that took part in fraudulent financial reporting. The act was passed on July 30 and its main intention is to protect investors. It’s regularly referred to as the SOX Act of 2002, and it includes strict reforms to previous securities regulations. By mandating these reforms, lawbreakers were now subject to stricter and tougher penalties.
×
×
WordPress Popup
Service Organization Control 2 (SOC 2)​
SOC 2 is coveted and hard to obtain information-security certification, and it demonstrates that an independent accounting and auditing firm has examined an organization’s non-financial reporting control objectives and activities. The auditing firm tests our controls over time to ensure that they are operating securely and effectively. Developed by the American Institute of CPAs (AICPA), SOC stands for Service and Organization Control. It defines criteria for managing customer data based on five “trust services principles” — security, availability, processing integrity, confidentiality, and privacy.
×
×
WordPress Popup