Prescription for Security: Hardening Healthcare Email Against Advanced Threats

OVERVIEW

Email remains one of the most critical yet vulnerable components of healthcare cybersecurity, often serving as a primary vector for sophisticated cyberattacks such as phishing, business email compromise (BEC), and targeted malware infections. Drawing from hands-on experience defending healthcare organizations, this talk will examine real-world email threats uniquely targeting healthcare, including advanced techniques like CAPTCHA-based phishing (Lumma Stealer attacks), QR code phishing, and multi-factor authentication (MFA) bypass using adversary-in-the-middle (AiTM) tactics.

The presentation will highlight practical challenges healthcare security teams face, such as the risks posed by excessive email whitelisting, misconfigured authentication protocols (DMARC, DKIM, SPF), and the growing threat of sensitive data leakage driven by employee use of AI tools. Attendees will gain actionable insights and strategies for enhancing email security posture through smarter threat detection, optimized security policies, and tailored data loss prevention (DLP) controls to protect against AI-driven data leaks.

Designed specifically for blue team professionals, SOC analysts, and cybersecurity leaders, this session will equip participants with practical techniques to detect emerging email threats, reduce attack surface from third-party risks, and implement proactive, healthcare-focused security defenses.

Presented By

AKASH PARASUMANNA SRIDHAR

IT Cybersecurity Analyst, Campbell Clinic