HIMSS 2026 Agenda: 49 Must-Attend Cybersecurity Sessions

Elisity’s team reviewed the complete HIMSS 2026 agenda to identify 49 must-attend cybersecurity sessions spanning ransomware defense, zero trust architecture, microsegmentation, IoMT and medical device security, HIPAA compliance, lateral movement prevention, and cyber insurance trends. This is the healthcare cybersecurity conference 2026 guide we wish someone had handed us. Now it’s yours.

Elisity is presenting two sessions at HIMSS 2026: an in-person market insights readout on IoMT microsegmentation adoption featuring original HIMSS × Elisity survey data, and a practitioner case study on chaos engineering for microsegmentation resilience with Main Line Health. More on both below.

What Cybersecurity Sessions Should You Attend at HIMSS 2026?

HIMSS 2026 features a full-day Healthcare Cybersecurity Forum on Monday, March 9 (8:00 AM to 5:00 PM) plus dozens of breakout sessions, panels, and hands-on cyber range experiences across Tuesday through Thursday. Sessions cover ransomware resilience, zero trust, medical device security, microsegmentation, AI-driven threats, HIPAA updates, OT security, and cyber insurance trends. We organized this guide by day, then by session, so you can plan your schedule around the topics that matter most to your organization.

Elisity at HIMSS 2026: Two Sessions You Won’t Want to Miss

Before we get into the full day-by-day breakdown, here are the two Elisity sessions at HIMSS 2026. Both are on Wednesday, March 11.

IoMT Risk, Readiness, & Microsegmentation: Elisity In-Person Survey Readout

When: Wednesday, March 11 | 10:00 AM – 11:00 AM
Speakers: Jill Brewer, Marketing Insights Lead, HIMSS ; Mick Coady, Field CTO, Elisity, Inc.

This is an in-person readout of original market research conducted by HIMSS and Elisity on IoMT risk posture, organizational readiness, and microsegmentation adoption across healthcare. Jill presents the survey data and leads a discussion with Mick Coady on stage.

What you’ll walk away with: First-party data on how healthcare organizations are approaching IoMT security today, where the biggest readiness gaps exist, and how microsegmentation adoption is accelerating across health systems. This is original research you won’t find anywhere else at HIMSS 2026.

Chaos Engineering Validates Healthcare Microsegmentation Resilience

When: Wednesday, March 11 | 2:45 PM – 3:15 PM
Where: Level 5 | Palazzo D
Speakers: Aaron Weismann, CISO, Main Line Health; Mick Coady, Field CTO, Elisity, Inc.

This case study explores how Main Line Health, a major not-for-profit health system with five hospitals and over 100,000 protected devices, uses chaos engineering principles to validate microsegmentation policies and strengthen cyber resilience without disrupting patient care. Controlled failure scenarios test whether segmentation policies hold under pressure and confirm that lateral movement is blocked across clinical networks.

What you’ll walk away with: A real-world playbook for using chaos engineering to validate your microsegmentation deployment, practical insights on maintaining operational continuity during security testing, and lessons from a health system that deployed identity-based microsegmentation across 150+ locations in under four months.

What Are the Top Healthcare Cybersecurity Sessions at HIMSS 2026 on Monday, March 9?

Monday anchors around the full-day Healthcare Cybersecurity Forum (8:00 AM to 5:00 PM) in San Polo 3501A. This is the centerpiece event for cybersecurity professionals at HIMSS 2026, with sessions ranging from ransomware case studies to board-level cyber risk communication to AI-powered threat defense. If you can only attend one day, make it Monday. Eight sessions made our list.

1. Healthcare Cybersecurity Forum (Full Day)

Time: 8:00 AM – 5:00 PM
Location: Level 3 | San Polo 3501A
Sponsors: Cohesity, DigiCert, Proofpoint, Philips, and others

“Future-Ready Cybersecurity: Building the Workforce, Technology, and Leadership of Tomorrow.” This full-day forum is the home base for every cybersecurity session on Monday. Healthcare cybersecurity is a high-stakes mission, and this forum brings together the practitioners, policymakers, and technologists working on the front lines. All seven Monday sessions below take place within this forum.

Topics: Cybersecurity, Ransomware, Network Security, Cyber Threats

2. All the World’s a Cyber Stage – And All the Healthcare Stakeholders Clearly Players

Time: 8:30 AM – 9:10 AM
Location: Level 3 | San Polo 3501A
Speaker: Zachary Lewis, CIO/CISO, University of Health Sciences and Pharmacy

Drawing from firsthand experience during the University of Health Sciences and Pharmacy ransomware attack, CIO and CISO Zach Lewis uses Shakespeare’s famous metaphor as a framework for understanding cybersecurity roles and responsibilities across the healthcare enterprise. This is a practitioner-led talk grounded in real incident response.

Topics: Ransomware, Cyber Threats

3. Cyber Risk Communication: Bridging the CISO-Board Divide

Time: 9:25 AM – 10:00 AM
Location: Level 3 | San Polo 3501A
Speakers: Kim Sassaman, Universal Health Services of Delaware; Paul Connelly, Belmont University; Ishel Rekik, Bracco Medical Technologies; Jeff Aguilar, Memorial Hermann Hospital Presbyterian; Josh Decker, Armis

This panel focuses on transforming cyber discussions from technical jargon into strategic clarity. Both sides of the table learn to speak the language of enterprise risk. For security leaders who struggle to get board-level buy-in for initiatives like network segmentation and zero trust, this one is worth your time.

Topics: Cyber Threats, Cyber Insurance, CISO Strategy

4. United Front: Strengthening Cybersecurity in Rural and Vulnerable Healthcare Systems

Time: 11:10 AM – 11:50 AM
Location: Level 3 | San Polo 3501A
Speakers: Jill Ackerman, Lakewood Health System; Greg Sieg, Michigan Medicine; Jennifer Stoll; Tianna Fallgatter, The Rural Collaborative; Garrett Hagood, Greater Rural Regional Advisory Council

Cyberattacks are a growing threat to rural healthcare systems, which face limited resources, staffing shortages, and outdated infrastructure. This panel explores strategies for defending vulnerable systems that can’t simply throw budget at the problem. Relevant for any security leader managing resource constraints across distributed facilities.

Topics: Cyber Threats, Ransomware Prevention, Network Security

5. Beyond Ransomware: Defending Healthcare Innovation from Industrial Espionage

Time: 11:55 AM – 12:35 PM
Location: Level 3 | San Polo 3501A
Speakers: Matthew Overgard, Philips; Timothy Kirkham, Orka; Francesco (Frank) Coral, Federal Bureau of Investigation (FBI); Romaine Marshall, Proofpoint

Healthcare organizations face a sophisticated and often overlooked threat: industrial espionage targeting proprietary data and intellectual property. From nation-state actors to competitors exploiting network vulnerabilities, this session brings an FBI speaker to the stage alongside healthcare and security industry leaders. If you attend one Monday session outside the full-day forum, make it this one.

Topics: Ransomware, Cyber Threats, Lateral Movement, Network Security, Nation-State Actors

6. AI vs. AI: How Healthcare is Fighting Fire with Fire in Cybersecurity

Time: 1:25 PM – 2:10 PM
Location: Level 3 | San Polo 3501A
Sponsor: Philips
Speakers: Ryan Kalember, Proofpoint; Robert Mackey; Dennis Chornenky; Krishan Ray, Universal Health Services, Inc. (UHS)

AI-driven cyberattacks are targeting healthcare’s connected devices, patient data, and clinical workflows with unprecedented sophistication. Traditional security tools can’t keep up. This session covers how healthcare organizations are deploying AI-powered defenses to match the speed and scale of AI-driven threats.

Topics: Medical Device Security, IoT/IoMT, Connected Devices, Cyber Threats, Network Security

7. Healthcare’s Crypto Tipping Point: Automate for Quantum Risk

Time: 2:15 PM – 3:00 PM
Location: Level 3 | San Polo 3501A
Sponsor: DigiCert
Speakers: Mike Nelson, DigiCert; Joern Lubadel, B. Braun (medical device manufacturer); Ali Youssef, Henry Ford Health; Nathan Lesser, Children’s National Hospital

Cryptography underpins trust in healthcare, and the landscape is shifting fast. Organizations face three converging pressures: post-quantum encryption, short-lived certificates (as brief as 47 days), and expanding attack surfaces across connected medical devices. This panel brings together device manufacturers, health system leaders, and cryptography experts.

Topics: Network Security, Medical Device Security, Cryptography

8. Toward A Cure for Healthcare Ransomware: Innovation and Impact

Time: 3:40 PM – 4:20 PM
Location: Level 3 | San Polo 3501A
Speakers: Christian Dameff, University of California San Diego; Jeff Tully, UC San Diego Health

Healthcare ransomware attacks persist because hospitals pay ransoms to protect patient safety, creating a cycle that makes them lucrative targets. A bigger threat is emerging: nation-state actors targeting critical healthcare infrastructure for strategic disruption. UC San Diego researchers Christian Dameff and Jeff Tully bring academic rigor and clinical perspective to one of the most pressing challenges in healthcare cybersecurity.

Topics: Ransomware Prevention, Cyber Threats, Nation-State Actors, Critical Infrastructure

Which HIMSS 2026 Tuesday Sessions Cover Zero Trust, IoMT, and Network Security?

Tuesday (March 10) features 15 sessions covering zero trust architecture, lateral movement prevention, microsegmentation, medical device visibility, HIPAA, third-party risk management, and hands-on cyber range training. This is the heaviest day for technical security content outside the Monday forum.

9. Tech Rationalization for Healthcare Cyber Readiness

Time: 10:10 AM – 10:30 AM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Sponsor: Fortified
Speaker: Russell Teague, Fortified Health Security

More tools, more dashboards, same headaches. Security fails at the seams: ownership gaps, handoff failures, and vendor sprawl. This session shows how to identify overlap in your security stack, find the real gaps, and build a program that actually works instead of one that just looks good on paper.

Topics: Network Security, Cyber Threats

10. The Trojan Horse Was Already Inside: Rethinking Trust in Healthcare Cybersecurity

Time: 10:40 AM – 11:00 AM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Sponsor: Cox Business
Speakers: Katie Patton, Patton Tech & Risk Advisory, L.L.C.; Miles Tanner, RapidScale

Most breaches don’t happen because defenses are weak. They happen because trust is misplaced. Vendors, credentials, and integrations become hidden attack paths that allow lateral movement across healthcare networks. This session directly addresses the zero trust and lateral movement prevention challenges at the core of modern healthcare network security.

Topics: Zero Trust, Lateral Movement, Network Security, Ransomware Prevention

11. Understanding AI Security Risk – The New Blind Spot in TPRM and Supply Chain Resilience

Time: 11:10 AM – 11:30 AM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Sponsor: HITRUST
Speaker: Ryan Patrick, HITRUST

AI has reshaped the cyber threat landscape, and third-party risk is now one of its fastest-growing attack surfaces. Many TPRM programs still rely on manual reviews, legacy frameworks, and outdated assessments that can’t keep pace with AI-driven supply chain risks.

Topics: Cyber Threats, Network Security, Supply Chain

12. Securing AI through EHR Micro-segmentation and Zero Trust

Time: 11:40 AM – 12:00 PM
Location: Artificial Intelligence Pavilion | Level 1 | The Park (Hall G) | Booth 10018
Speakers: Terrance Johnson, Northwestern Medicine; David Blalock, Northwestern Medicine; John Brow, Northwestern Medicine

As healthcare organizations integrate AI technologies with Epic EHR systems, protecting sensitive patient data and clinical workflows becomes critical. This presentation from Northwestern Medicine explores how microsegmentation and zero trust architectures can protect AI workloads running within EHR environments. One of the most directly relevant HIMSS 2026 sessions for security leaders evaluating microsegmentation.

Topics: Microsegmentation, Zero Trust, Network Security, HIPAA

13. Unified Endpoint Visibility: The Strategic Baseline for Digital-First Healthcare

Time: 12:25 PM – 12:55 PM
Location: Exhibition Main Stage | Level 2 | Hall A | Booth 270
Sponsor: ManageEngine
Speaker: Ramarao Prabhu, ManageEngine

When visibility, access, and endpoint intelligence remain siloed, teams struggle to protect clinical environments. This session addresses how unified endpoint visibility serves as the foundation for effective security programs in digital-first healthcare organizations.

Topics: Network Security, IoT/IoMT, Medical Device Security

14. From Vulnerability Chaos to CTEM Clarity: How Healthcare Security Teams Reduce Real-World Risk

Time: 12:10 PM – 12:30 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: Gary Salman, Black Talon Security, LLC

Healthcare environments generate overwhelming volumes of vulnerability and threat data, yet breaches still happen in networks that scan regularly. This session introduces Continuous Threat Exposure Management (CTEM) as a more effective model for prioritizing and reducing real-world risk.

Topics: Cyber Threats, Network Security

15. Healthcare Needs a Better Third-Party Risk Assessment Approach

Time: 12:00 PM – 12:30 PM
Location: HIMSS Connect Theater 2 | Level 2 | Hall B | Booth 2016
Speaker: Richard Staynings, University of Denver

Modern healthcare depends on a growing number of third-party vendors, suppliers, and partners. When one third party suffers a cyber incident, the cascading effects across healthcare delivery can be devastating. This session makes the case for rethinking how healthcare organizations evaluate and manage third-party cyber risk.

Topics: Cyber Threats, Network Security, Supply Chain

16. Unmasking the Dark Web Live

Time: 12:10 PM – 12:30 PM
Location: Business Operations Pavilion | Level 2 | Hall C | Booth 4400
Speaker: Daniel Schwartz, Design I.T. Solutions

A real-time demonstration of dark web threats targeting healthcare organizations. Cybersecurity expert Daniel Schwartz walks attendees through what attackers are trading, selling, and planning on underground marketplaces.

Topics: Cyber Threats, Ransomware Prevention

17. SANS Executive Cyber Exercise

Time: 1:00 PM – 3:00 PM
Location: Level 2 | Titian 2201B
Sponsor: SANS / GIAC

This complimentary exercise for executives simulates the business impacts of a real-life cyber event. Registration required; capped at 50 participants. If you’re a CISO or IT leader who wants to stress-test your incident response decision-making in a safe environment, get there early. These seats fill fast.

Topics: Cyber Threats, Ransomware Prevention, Incident Response

18. Data Security, Privacy & DSPM, DLP Reimagined: Precision, Compliance & Clinical-Grade Protection in an AI-Driven Healthcare World

Time: 1:10 PM – 1:30 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: Daniel Jay, 1E / Cyberhaven

Healthcare data now moves through more channels than ever: EHR systems, cloud applications, connected medical devices, collaboration platforms, and AI-mediated workflows. This session addresses how data security posture management and data loss prevention need to evolve for AI-driven healthcare environments.

Topics: HIPAA, Network Security, Medical Devices, Data Security

19. Securing the Edge: Protecting Our Hospital

Time: 2:15 PM – 2:45 PM
Location: Level 5 | Palazzo D
Speaker: Phil Curran, Cooper University Health Care

Hospitals rely on a vast ecosystem of edge devices: mobile workstations, tablets, infusion pumps, diagnostic equipment, and building management systems. Phil Curran from Cooper University Health Care shares strategies for securing the hospital edge where IoMT, OT, and IT converge. Essential for security leaders responsible for medical device and operational technology protection.

Topics: Medical Device Security, IoT/IoMT, OT, Network Security

20. Managing Systemic Risk in a Digitized Healthcare Ecosystem

Time: 2:15 PM – 3:15 PM
Location: Level 5 | Palazzo I
Speakers: Erik Decker, Intermountain Health; Samantha Jacques, McLaren Health; Leslie O’Connor, Lumeris

Healthcare’s interconnected ecosystem spanning patient care, payments, pharmaceuticals, technology, and public health creates cascading cybersecurity risks that extend far beyond any single organization. This session, developed in collaboration with HIMSS cybersecurity leadership, addresses systemic risk at the ecosystem level.

Topics: Cyber Threats, Network Security, Systemic Risk

21. From Risk to Resilience: Managing AI-Driven Cyber Threats in Healthcare

Time: 2:40 PM – 3:00 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Sponsor: Radware
Speaker: Chip Witt, Radware

Agentic AI is reshaping healthcare cybersecurity, creating new threats and new opportunities for defense. This session examines AI-driven attacks, malicious autonomous agents, and practical strategies for building resilience against evolving AI threats.

Topics: Cyber Threats, Ransomware Prevention

22. SANS Healthcare NetWars Cyber Range (Tuesday)

Time: 3:00 PM – 5:00 PM
Location: Level 2 | Titian 2201B
Sponsor: SANS / GIAC

Complimentary hands-on cyber range. First come, first served. Bring your own laptop. Build healthcare-specific cybersecurity skills in a competitive, gamified environment. SANS runs these ranges at major conferences, and they consistently rank among the most valuable hands-on experiences available.

Topics: Cyber Threats, Network Security, Hands-on Training

23. The Pros and Cons of Performing Security Assessments Under Privilege

Time: 3:30 PM – 4:30 PM
Location: Level 3 | Murano 3201B
Speaker: Adam Greene, Davis Wright Tremaine

A security assessment like a HIPAA Security Rule risk analysis can reveal every vulnerability in your organization. In the wrong hands, it becomes a roadmap for attackers. This session explores the legal and strategic considerations of performing security assessments under attorney-client privilege, a question every healthcare CISO should consider carefully.

Topics: HIPAA, Network Security, Risk Assessment

What Are the Must-Attend HIMSS 2026 Wednesday Cybersecurity Sessions?

Wednesday (March 11) packs the most cybersecurity sessions of the conference with 17 talks, including both Elisity presentations. Topics span OT security, insider risk, compliance frameworks, chaos engineering, ransomware resilience, AI governance, and the SANS Healthcare NetWars Cyber Range. If you’re prioritizing days at HIMSS 2026, Wednesday and Monday are the two to protect on your calendar.

24. Safeguarding EHR Access: Isolated Recovery Environments for Ransomware Defense

Time: 9:45 AM – 10:45 AM
Location: Level 5 | Palazzo M
Speakers: Jeff Thomas, Sentara Healthcare; Michael Hegyi, Amazon Web Services

As ransomware and other unplanned outages increasingly disrupt healthcare operations, continuous access to Electronic Health Records (EHRs) is critical for patient safety. This session covers how isolated recovery environments can protect EHR access during and after a ransomware event, keeping clinical operations running when systems go down.

Topics: Ransomware Prevention, Cyber Threats

25. IoMT Risk, Readiness, & Microsegmentation – Elisity In-Person Survey Readout ⭐

Time: 10:00 AM – 11:00 AM
Speakers: Jill Brewer, Marketing Insights Lead, HIMSS ; Mick Coady, Field CTO, Elisity, Inc.

ELISITY SESSION. In-person readout of original HIMSS × Elisity market research on IoMT risk posture, organizational readiness, and microsegmentation adoption in healthcare. First-party survey data you cannot get anywhere else at the conference. Breakfast is served. [See full details above in the Elisity sessions section.]

Topics: IoMT, Microsegmentation, Medical Device Security, Network Security, Zero Trust

26. Healthcare AI Governance & Risk Management: Securing Innovation Without Slowing Care

Time: 10:00 AM – 10:20 AM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: David Bailey, ClearDATA

Healthcare organizations adopting AI across clinical, operational, and administrative workflows face a growing challenge: how to enable innovation while managing the new risks AI introduces. This session provides a governance framework for balancing speed with security.

Topics: Cybersecurity, Network Security

27. Cyber Resilience in Healthcare: Sustaining Continuity of Care in a Digital World

Time: 10:30 AM – 10:50 AM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speakers: Matt DeFrain, MF Cyber; Cortney Hancock, MF Cyber

From EHRs and connected devices to telehealth and AI-assisted diagnostics, digital infrastructure underpins virtually every aspect of patient care. That transformation has created new cyber risk surfaces that traditional approaches struggle to address.

Topics: Cyber Threats, Network Security, IoT/Connected Devices

28. Managing Insider Risk in the Healthcare Sector

Time: 11:00 AM – 12:00 PM
Location: Level 5 | Palazzo M
Speaker: Randall Trzeciak, CERT Division, Software Engineering Institute

Since 2001, the National Insider Threat Center in the CERT Division of the Software Engineering Institute has analyzed thousands of insider threat cases. This session brings that body of research to bear on healthcare-specific insider risk, covering patterns, indicators, and mitigation strategies.

Topics: Cyber Threats, Network Security, CISA/CERT

29. Close the Gap: Securing Unmanaged Hospital Environments

Time: 11:30 AM – 11:50 AM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: Skip Sorrels, Claroty

Healthcare cybersecurity has historically prioritized data confidentiality, but the threat has shifted toward disruption of care delivery. Hospital resilience now depends on securing Operational Technology (OT) and unmanaged environments that represent a critical gap in most security programs. Relevant for any security leader responsible for IoMT, OT, or building management systems.

Topics: OT (Operational Technology), Medical Device Security, IoMT, Network Security

30. Enabling Trusted and Scalable AI Innovation in Healthcare

Time: 1:00 PM – 1:20 PM
Location: Artificial Intelligence Pavilion | Level 1 | The Park (Hall G) | Booth 10018
Speaker: Daryan Dehghanpisheh, Palo Alto Networks

Healthcare’s shift to generative AI and autonomous agents creates risks that traditional controls can’t handle. This session explores security frameworks for trusted AI adoption that scale with the pace of innovation.

Topics: Zero Trust, Cybersecurity

31. Healthcare Innovation Without Chaos: Scaling Securely in a Multi-Cloud World

Time: 1:30 PM – 1:50 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speakers: Kevin Gay, Wiz; Jim Ducharme, ClearDATA

As healthcare organizations expand into multi-cloud environments, the pressure to augment operations with AI often increases the attack surface. This session addresses how to scale cloud adoption securely without creating new gaps in your security posture.

Topics: Network Security, Zero Trust, Cyber Threats

32. Caring for the Systems Used in Providing Care

Time: 2:00 PM – 3:00 PM
Location: Level 5 | Palazzo J
Speaker: Tim Conway, SANS Institute

An engaging deep dive on the critical role of Industrial Control Systems (ICS) and Operational Technology (OT) in healthcare environments. Tim Conway from SANS brings decades of ICS/OT expertise to a healthcare audience, covering how these systems support essential facilities and services, and why they require purpose-built security strategies aligned with CISA and NIST frameworks.

Topics: OT (Operational Technology), IoT, ICS, Medical Device Security, CISA, NIST

33. FBI Files: How Humans Get Hacked

Time: 2:00 PM – 3:00 PM
Location: Level 5 | Palazzo M
Speakers: Johnathan Coleman, Security Risk Solutions, Inc.; Daniel Polk, Federal Bureau of Investigation

Healthcare organizations remain attractive targets due to their size, technological dependence, access to personal health information, and the unique impacts of disruption. This session features an FBI agent discussing real-world social engineering and human manipulation tactics used against healthcare targets.

Topics: Cyber Threats, Ransomware Prevention

34. Trust is Patient Safety

Time: 2:00 PM – 2:20 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: Eric Clauss, INTEGRITY Security Services

In today’s digitally dependent care environments, trust failures in software, devices, and identity systems can quickly become patient safety failures. This session connects the dots between digital trust and clinical outcomes.

Topics: Zero Trust, Medical Device Security, Network Security

35. Outlining a Successful HITRUST r2 Assessment From Start to Finish

Time: 2:30 PM – 2:50 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speakers: Lee Pierce, NuvoMedics; Mark Davidson, Western Reserve Area Agency on Aging; Peter Biroli, HITRUST Technology, Inc.

Dual perspectives from a HITRUST customer and a HITRUST assessor on completing a successful r2 assessment. HITRUST frameworks incorporate NIST and HIPAA controls, making this session directly relevant for security leaders managing compliance across both frameworks.

Topics: NIST, HIPAA, Compliance Frameworks

36. Chaos Engineering Validates Healthcare Microsegmentation Resilience ⭐

Time: 2:45 PM – 3:15 PM
Location: Level 5 | Palazzo D
Speakers: Aaron Weismann, CISO, Main Line Health; Mick Coady, Field CTO, Elisity, Inc.

ELISITY SESSION. A practitioner-led case study on how Main Line Health uses chaos engineering to validate microsegmentation policies and prevent lateral movement across clinical networks. This is the highest-credibility content format: a real health system sharing what they’ve built and how it works. [See full details above in the Elisity sessions section.]

Topics: Microsegmentation, Lateral Movement Prevention, Zero Trust, Network Security, Cyber Resilience

37. Make Your Business a Hard Target for Cybercriminals

Time: 3:00 PM – 3:20 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: Rob Allen, ThreatLocker

When it comes to cyberattacks, easier to breach means more likely to be targeted. While you can’t always control your perceived value to an attacker, you can control how difficult you are to compromise. Practical steps for hardening your organization’s security posture.

Topics: Cyber Threats, Ransomware Prevention, Network Security

38. Ransomware Resilience: Ensuring Patient Care Continuity Under Cyber Attack

Time: 3:15 PM – 4:15 PM
Location: Level 5 | Palazzo K
Speaker: Scott Doerr, Fortified Health Security

Ransomware attacks against healthcare continue to rise in frequency, cost, and patient impact. Unlike other industries, downtime in hospitals is measured in lives at risk, not just lost revenue. This session focuses on maintaining patient care continuity during and after a ransomware event, including strategies for lateral movement prevention and network segmentation.

Topics: Ransomware Prevention, Cyber Threats, Lateral Movement Prevention

39. Harness AI to Achieve Continuous Compliance with 2026 Client-Side HIPAA Mandates

Time: 3:30 PM – 3:50 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: Ivan Tsarynny, Feroot Security

2026 is a pivotal year for healthcare security and privacy. With expected updates to the HIPAA Security Rule, providers and their business associates face new compliance requirements that demand automation and continuous monitoring. Timely session for anyone preparing for the evolving regulatory landscape.

Topics: HIPAA, Cyber Threats, Network Security

40. SANS Healthcare NetWars Cyber Range (Wednesday)

Time: 3:00 PM – 5:00 PM
Location: Level 2 | Titian 22018
Sponsor: SANS / GIAC

The Wednesday edition of the complimentary SANS Healthcare NetWars Cyber Range. Same format as Tuesday: first come, first served, bring your own laptop. Healthcare-specific cybersecurity skills in a hands-on, competitive environment.

Topics: Cyber Threats, Network Security, Hands-on Training

What Should Healthcare CISOs Prioritize at HIMSS 2026 on Thursday, March 12?

Thursday closes the conference with nine sessions focused on HHS policy and leadership, AI-enabled medical device security, vulnerability coordination between hospitals and manufacturers, agentic threat intelligence, and automated breach detection. Thursday sessions tend to draw smaller, more senior audiences, which makes the conversations richer.

41. Healthcare and Public Health Cybersecurity: Building Resiliency with Innovation

Time: 8:45 AM – 9:45 AM
Location: Level 5 | Palazzo
Speakers: Andrew Caney, Arkansas Research & Projects Agency; Chris Tyberg, Abbott; Brian M. Mazanec, Department of Health & Human Services

HHS leadership takes the stage to discuss building resilience through innovation in the healthcare and public health sector, which continues to see exponential increases in data breaches and ransomware attacks. If you want direct insight into federal cybersecurity priorities for healthcare, this is the session.

Topics: Ransomware Prevention, Cyber Threats, HHS

42. The Gravity of Care: Navigating the Escalating Risks of AI in Healthcare

Time: 8:45 AM – 9:45 AM
Location: Level 5 | Palazzo I
Speaker: Chris Cochran, SANS Institute

AI is already embedded across industries, often quietly and without clear accountability. In healthcare, mistakes carry a uniquely human cost. Chris Cochran from SANS Institute walks through escalating AI risks from a cybersecurity perspective.

Topics: Cyber Threats, Cybersecurity

43. When a Vulnerability Drops: Coordinating Cybersecurity Response Across Hospitals and Manufacturers

Time: 9:40 AM – 10:00 AM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: Michelle Jump, MedSec

When a new medical device vulnerability is discovered, the clock starts ticking. The effectiveness of the response depends less on technology and more on coordination between hospitals and device manufacturers. This session addresses the communication and process gaps that slow down vulnerability response in healthcare.

Topics: Medical Device Security, Vulnerability Management

44. Black Boxes in White Coats: Making Artificial Intelligence Devices Secure by Design

Time: 10:00 AM – 11:00 AM
Location: Level 5 | Palazzo L
Speakers: Ty Greenhalgh, Armis; Lacey Harbour, Thermo Fischer Scientific, Inc.

AI is entering the medical device landscape at an unprecedented pace, propelled by legislative momentum, federal funding incentives, and expanding clinical applications. This session examines how to make AI-enabled medical devices secure by design rather than bolting security on after deployment.

Topics: Medical Device Security, Secure-by-Design

45. Expanding Your Cyber Team: Hackers as Collaborators

Time: 10:00 AM – 11:00 AM
Location: Level 5 | Palazzo I
Speakers: Jaime Medina, Bonfire Village; David Nathans, Sentara Healthcare; Jorge Acevedo Canabal, Simmons Academy at Indiana University; Michael Aguilar, Hacker Pilot Team

The future of healthcare cybersecurity depends on whether organizations treat ethical hackers as adversaries or potential allies. With cyberattacks accelerating and patient safety on the line, this panel explores collaborative models for expanding cybersecurity capacity.

Topics: Cyber Threats, Healthcare Cyberattack Prevention

46. Operationalizing a CPS Program: 5 Steps to Resilience

Time: 10:10 AM – 10:30 AM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: Skip Sorrels, Claroty

Healthcare organizations face an escalating cybersecurity crisis where Operational Technologies (OT) are prime targets. In a Healthcare Delivery Organization (HDO), OT devices manage the critical systems that keep facilities running: HVAC, power, water treatment, elevators, and more. This session provides a five-step framework for building a cyber-physical systems (CPS) security program.

Topics: OT (Operational Technology), IoT/IoMT, Cyber-Physical Systems, Cybersecurity Resilience

47. Agentic Threat Intelligence for Healthcare Cyber Resilience

Time: 10:40 AM – 11:00 AM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Sponsor: Dataminr
Speakers: Joseph Slowik, Dataminr; Brian M. Mazanec, Department of Health & Human Services

A fireside chat between Dataminr and HHS Administration for Strategic Preparedness and Response. As the healthcare threat landscape accelerates, agentic threat intelligence offers a new paradigm for detecting and responding to emerging threats before they reach clinical networks.

Topics: Cyber Threats, HHS, Threat Intelligence

48. Securing the Future of Healthcare AI: Agentic Intelligence, Governance, and HIPAA-Aligned Protection

Time: 12:10 PM – 12:30 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Sponsor: Insight
Speaker: Adam Budny, Insight

As healthcare organizations accelerate AI adoption, the stakes for privacy, security, and regulatory compliance, including HIPAA, HITECH, and emerging frameworks, have never been higher. This session addresses governance models for AI that align with healthcare’s regulatory reality.

Topics: HIPAA, Healthcare Security Governance

49. Real-World Healthcare Defense: Automated Breach Detection in Action

Time: 12:40 PM – 1:00 PM
Location: Cybersecurity Command Center | Level 1 | The Park (Hall G) | Booth 10001
Speaker: Vince Crisler, Dark Cubed

Healthcare organizations face relentless cyber threats, mounting regulatory pressure, and limited security resources. This session demonstrates automated breach detection capabilities built for resource-constrained healthcare environments that can’t afford 24/7 SOC staffing.

Topics: Cyber Threats, Ransomware Prevention, Breach Detection

Which HIMSS 2026 Sessions Focus on Microsegmentation and Lateral Movement Prevention?

Several HIMSS 2026 sessions directly address microsegmentation and lateral movement prevention, two of the most critical controls for healthcare network security. Here are the key sessions to prioritize if these topics are on your roadmap:

Elisity, a healthcare microsegmentation platform, delivers identity-based segmentation that protects critical assets, including medical devices, IoMT systems, and clinical workstations, without requiring agents, network redesigns, or operational disruption. The platform enables healthcare organizations to discover and classify every device on their network automatically, visualize communication flows, and implement zero trust segmentation using identity-based policies enforced through existing network switching infrastructure from Cisco, Juniper, Arista, and Hirschmann.

What Are the Key Medical Device and IoMT Security Sessions at HIMSS 2026?

Medical device security and IoMT protection are among the most critical themes at HIMSS 2026. Here are the sessions focused on these topics:

What HIMSS 2026 Sessions Cover HIPAA, NIST, and Compliance Frameworks?

Healthcare compliance continues to evolve, with 2026 HIPAA Security Rule updates expected to mandate network segmentation controls. Here are the compliance-focused sessions at HIMSS 2026:

How to Plan Your HIMSS 2026 Cybersecurity Schedule

With 49 cybersecurity sessions spread across four days, planning your HIMSS 2026 schedule takes intention. Here’s how we’d approach it:

Monday, March 9: Arrive early and commit to the full-day Healthcare Cybersecurity Forum. The Monday sessions build on each other, and the networking opportunities between sessions are as valuable as the content itself. Don’t miss the FBI session on industrial espionage (Session 5) and the UC San Diego ransomware research session (Session 8).

Tuesday, March 10: Focus on zero trust and microsegmentation sessions in the morning (Sessions 10 and 12), then head to the SANS Executive Cyber Exercise in the afternoon if you can get a seat. Close the day at the SANS Healthcare NetWars Cyber Range.

Wednesday, March 11: This is Elisity day. Start with the IoMT Microsegmentation Survey Readout at 10:00 AM (Session 25), catch the ICS/OT session from SANS at 2:00 PM (Session 32), then join the Chaos Engineering + Microsegmentation case study at 2:45 PM (Session 36). If compliance is on your roadmap, fit in the HITRUST session (Session 35) and the HIPAA mandates session (Session 39).

Thursday, March 12: Prioritize the HHS leadership session first thing (Session 41), then the medical device sessions later in the morning (Sessions 43, 44, and 46).

Frequently Asked Questions About HIMSS 2026 Cybersecurity Sessions

Q: When and where is HIMSS 2026? A: HIMSS 2026 takes place March 9–12, 2026, at the Venetian Convention & Expo Center in Las Vegas, Nevada.

Q: How many cybersecurity sessions are at HIMSS 2026? A: The HIMSS 2026 cybersecurity track includes a full-day Healthcare Cybersecurity Forum on Monday plus over 300 breakout sessions, panels, and hands-on cyber range experiences across all four days. This guide covers 49 curated sessions.

Q: Is Elisity presenting at HIMSS 2026? A: Yes. Elisity is presenting in two sessions at HIMSS 2026: an in-person survey readout on IoMT risk and microsegmentation adoption featuring original HIMSS × Elisity market research data (Wednesday, 10:00 AM), and a case study on chaos engineering for microsegmentation resilience with Main Line Health CISO Aaron Weismann and Elisity Field CTO Mick Coady (Wednesday, 2:45 PM).

Q: What HIMSS 2026 sessions cover microsegmentation? A: Key microsegmentation sessions at HIMSS 2026 include Elisity’s IoMT microsegmentation survey readout (Session 25), the Chaos Engineering + Microsegmentation Resilience case study with Main Line Health and Elisity (Session 36), and Northwestern Medicine’s talk on securing AI through EHR microsegmentation and zero trust (Session 12).

Q: Are there zero trust sessions at HIMSS 2026? A: Yes. Multiple HIMSS 2026 sessions address zero trust architecture, including “The Trojan Horse Was Already Inside: Rethinking Trust in Healthcare Cybersecurity” (Session 10) and “Securing AI through EHR Micro-segmentation and Zero Trust” by Northwestern Medicine (Session 12).

Q: What HIMSS 2026 sessions focus on ransomware? A: Ransomware sessions at HIMSS 2026 include “Toward A Cure for Healthcare Ransomware” featuring UC San Diego researchers (Session 8), “Ransomware Resilience: Ensuring Patient Care Continuity” from Fortified (Session 38), the FBI-featured session on industrial espionage (Session 5), and multiple sessions within the Monday Healthcare Cybersecurity Forum.

Q: Does HIMSS 2026 have hands-on cybersecurity training? A: Yes. SANS and GIAC are hosting the Healthcare NetWars Cyber Range on both Tuesday and Wednesday (Sessions 22 and 40), plus a complimentary SANS Executive Cyber Exercise on Tuesday afternoon (Session 17). Both the cyber range sessions are first come, first served. The executive exercise requires registration and is capped at 50 participants.

Connect with Elisity at HIMSS 2026

Whether you’re attending HIMSS 2026 in person or following along remotely, Elisity’s team will be on site throughout the week. We’re presenting two sessions, meeting with healthcare security leaders, and sharing original research on IoMT microsegmentation adoption.

Elisity’s microsegmentation platform is agentless and protects healthcare’s most critical assets, from medical devices and IoMT systems to clinical workstations and building management systems, without requiring agents, network redesigns, or operational disruption. The platform enables healthcare organizations to discover and classify every device on their network automatically, visualize communication flows and identify risky lateral movement paths, implement zero trust segmentation using identity-based policies, and protect IoT, OT, and legacy systems that can’t run traditional security agents.

Healthcare organizations like Main Line Health have deployed Elisity microsegmentation across 150+ locations, protecting over 100,000 IoT, OT, and IoMT devices with 6,000+ actively enforced policies, achieving 99% device discovery within four hours and a 76% reduction in total cost of ownership.

Schedule a meeting with Elisity at HIMSS 2026 →