Healthcare organizations focus extensively on user provisioning and MFA but often overlook the security of their foundational identity systems such as Active Directory and Entra ID. When these core systems are compromised, entire healthcare operations cease - from electronic medical records to basic network access. Healthcare's tendency to pay ransoms and attackers' frequent return through backdoors make identity system defense critical for operational continuity.

This session, led by James Doggett, CISO at Semperis, will cover:

• Active Directory assessment strategies using tools like Purple Knight for exposure identification;
• Continuous monitoring and rapid response capabilities for identity system attacks;
• Recovery automation and testing protocols for Active Directory compromise scenarios.