Active Directory Isolation: Disrupting the Bad Actors’ Playbook

Shawn Anderson

Cybersecurity Director
Intermountain Health

Active Directory is often the last line of defense before ransomware strikes. Misconfigurations, shared admin paths, and credential sprawl make it a prime target, especially in healthcare.

Attackers are aware of this, and they are exploiting it.

In this session, you’ll see how attackers escalate through your environment before covering proven security models and practical isolation techniques to mitigate risk, enhance control, and protect your systems by design. Built for security and IT teams who manage access, infrastructure, and operational resilience.

What You’ll Learn

  • How attackers move from initial access to full control of Active Directory
  • Why isolation strategies are more effective than segmentation alone
  • How to apply secure-by-design and secure-by-default principles
  • What Privileged Access Workstations (PAWs) can do to protect admin access

Register Now

About the moderators:

Shawn Anderson

Cybersecurity Director
Intermountain Health

Shawn leads the Data, Endpoint, and Application Protection team at Intermountain Health. With over 25 years of experience in IT and security, including more than 11 years in healthcare, he helped build Intermountain’s medical device cybersecurity program. He modernized its Active Directory and Azure security architecture. Shawn is a CISSP, CISA, and CCSP, and an active contributor to Health-ISAC.

Jason Stewart

Manager of vCISO Services
Fortified Health Security

Jason Stewart is the Manager of vCISO Services at Fortified Health Security. He brings deep experience helping healthcare organizations strengthen their cybersecurity posture through strategic guidance, risk-based assessments, and leadership support. Jason partners directly with healthcare leaders to align cyber initiatives with operational and regulatory objectives, ensuring practical and scalable improvements across security programs.