Legacy technology represents the third-biggest security challenge facing healthcare cybersecurity programs, creating complex operational and financial dilemmas for organizations. Healthcare systems frequently inherit outdated infrastructure through practice acquisitions, resulting in end-of-life systems loaded with patient data that lack vendor support. The challenge extends beyond simple replacement decisions, requiring strategic risk assessment frameworks that balance patient care continuity with security requirements.

This session will cover:

• Compensating control strategies including network segmentation and dedicated access methods;
• Risk assessment frameworks using NIST standards and mission-critical device prioritization;
• Business relationship management and risk acceptance processes for legacy infrastructure decisions.