Actionable intelligence and expert content to help you understand emerging threats, make informed decisions, and strengthen your cyber defense strategy.

Strengthening Healthcare Cybersecurity: Celerium's Highlights from HIMSS 2026

Written by Celerium Blogmeister | Mar 23, 2026 3:41:21 PM

The Celerium team had the pleasure of attending the HIMSS 2026 Global Health Conference & Exhibition in Las Vegas, Nevada.  This year, we engaged healthcare leaders through focused, high-value conversations centered on real-world visibility gaps, evolving attack surfaces, and what it actually takes to secure modern healthcare environments.

Our team members who attended were Celerium’s Chief Information Security Officer, Vince Crisler; Chief Solutions Officer, Karl Kotalik; Director of Technical Sales, Jon Marinaro; and Healthcare Sales Executive, Kevin Harding. We were thrilled to contribute to discussions that help shape the future of healthcare cybersecurity.

 

 

Event Highlights:

Brunch Briefing Fireside Chat

One of our key engagements at HIMSS was our full-room Brunch Briefing Fireside Chat, featuring an incredible panel of industry experts:

  • John Riggi, National Advisor for Cybersecurity & Risk at the American Hospital Association
  • Vince Crisler, CISO at Celerium
  • John Gresham, Reeves Regional Health

The conversation was candid and insightful, tackling some of the toughest cybersecurity challenges facing healthcare organizations today. John Riggi also highlighted the risks facing hospitals nationwide and emphasized the need for practical, scalable defense strategies.

These discussions reinforced the importance of Celerium’s Data Breach Defender® solution, which is designed to help hospitals and healthcare organizations detect, contain, and stop breaches before they cause harm.

 

Cybersecurity Command Center Stage Presentation

Our CISO, Vince Crisler, also presented on the Cybersecurity Command Center stage with John Gresham of Reeves Regional Health. Their session, Real-World Healthcare Defense: Automated Breach Detection in Action, demonstrated how automated data breach detection is reshaping security operations across healthcare systems.

In just 20 minutes, attendees saw how hospitals can strengthen defense, accelerate containment, and minimize risk with adaptive automation.

 

Private Focus Group

Our team also hosted a private focus group with healthcare executives and IT leaders to explore the real challenges of monitoring clinical, partner, and cloud-based systems in today’s hybrid healthcare environments.

This discussion, titled Uncovering Blind Spots in Hospital Data Breach Defense: Exploring Threat Visibility Across Clinical Systems, generated a wealth of valuable insights. Participants highlighted several critical challenges, including:

  • Healthcare organizations are managing thousands of connected devices — one children's hospital reported 25,000 devices on their network, with half unable to run a security agent — creating significant blind spots that traditional security tools can't address.
  • Third-party supplier visibility remains a critical gap, with many organizations relying on a patchwork of manual tracking, CMDBs, and institutional knowledge that lives in one person's head and disappears if they leave.
  • The Change Healthcare disruption was top of mind, and a major supplier breach hit the news the same morning as our session — reinforcing that supplier risk is no longer theoretical for healthcare IT leaders.
  • Shadow IT is a critical vulnerability for CIOs, as staff and physicians increasingly bypass hospital IT controls to install unauthorized hardware including medical devices, and software tools. In particular, "Shadow AI" is an escalating concern, with the exploding use of unapproved AI tools on hospital networks, often deliberately routing around IT through patient Wi-Fi to avoid approval processes.
  • Business continuity planning came up as the real downstream need — IT leaders want disruption alerts early enough to execute pre-written BCP scripts, communicate proactively to stakeholders, and avoid the chaos of reacting in real time.
  • Medical device security remains a uniquely difficult challenge in healthcare, as cameras, infusion pumps, and clinical IoT devices can't run agents and require a fundamentally different monitoring approach.
  • Supplier impersonation and domain spoofing are causing real harm, with participants sharing live examples of fraudulent invoices and fake job postings using near-identical vendor names — and admitting there was little they could do once it happened.
  • The recurring theme across the entire session was the gap between having data and knowing what to do with it. Healthcare IT leaders don't lack information, they lack tools that turn that information into clear, actionable next steps.

 

Thank You, HIMSS!

Thank you to the HIMSS team for a terrific and engaging event!

A huge thank you to everyone who joined our sessions — and to our speakers for sharing their invaluable expertise. Events like this remind us how important it is to come together, learn from one another, and move the industry forward.

 

See Celerium’s Data Breach Defender® in Action

Want to learn how hospitals are using Data Breach Defender® to detect and contain data breaches before they escalate?

 

Sign Up for a 60-Day Trial of Data Breach Defender® Today!
View full post