Daniel Pastrana
Breaking Barriers Safely: Mastering Physical Penetration Testing in Healthcare Security
Bio:
Daniel Pastrana is a seasoned cybersecurity expert and cloud security specialist, holding prestigious certifications such as CISSP, Azure Security Engineer, AWS Certified Solutions Architect – Associate, and Fortinet NSE4. His career is marked by a commitment to advancing security in the digital landscape, particularly in cloud environments. Daniel's proficiency lies in conducting thorough risk assessments and audits, identifying vulnerabilities that could jeopardize the integrity of information systems. He excels in developing customized cybersecurity strategies and solutions, ensuring that organizations are not only protected against current threats but also prepared for emerging challenges. His hands-on experience includes leading the design and implementation of security controls for cloud-based systems and infrastructure. This involves mitigating risks, ensuring compliance, and working intimately with leading cloud providers such as AWS and Azure. His approach integrates security throughout the development lifecycle, collaborating with developers and operations teams to embed security into every stage. As a Virtual Chief Information Security Officer (VCISO), Daniel offers external entities strategic guidance and improvements in security, aligning with frameworks such as NIST, SOC2, HITECH (HIPAA), and others. His skills in penetration testing, encompassing source code validation and evaluating cloud, physical, or hybrid infrastructures, make him adept at recommending robust security enhancements.
Abstract:
This presentation, "Breaking Barriers Safely: Mastering Physical Penetration Testing in Healthcare Security," delves into the critical role of physical penetration testing as a proactive measure in identifying and mitigating potential security breaches in healthcare facilities. Key topics include an overview of the physical penetration testing process, from planning and reconnaissance to execution and reporting. We will discuss the ethical and legal considerations, emphasizing the importance of conducting tests without disrupting healthcare operations or compromising patient safety. Additionally, the presentation will highlight case studies demonstrating successful penetration tests, showcasing how identified vulnerabilities were addressed to bolster security. Attendees will gain valuable insights into the tools and techniques used by professional penetration testers, the importance of a tailored approach considering healthcare facilities' specific needs and challenges, and strategies for effectively communicating findings and recommendations to stakeholders. This presentation is designed for healthcare administrators, security professionals, IT staff, and anyone interested in understanding and improving the physical security posture of healthcare facilities. By the end of this session, participants will be equipped with the knowledge to initiate, manage, and benefit from physical penetration testing, ultimately enhancing their healthcare organization's overall security and resilience.