HIMSSCast: As security threats rise, intelligence sharing is essential
This has already been a record-setting year for cybersecurity, in all the wrong ways. Errol Weiss, chief security officer of Health-ISAC, discusses the cyber risks he’s most concerned about and makes the case for cross-sector information sharing.
If the cybersecurity space has seemed a bit busier than usual recently, you’re not imagining things. At the halfway mark of 2024, the Department of Health and Human Services’ Office for Civil Rights showed nearly 400 data breaches reported to its portal as of June 30 – the most in six months since OCR began keeping track 14 years ago.
Weiss discussed the critical value of such information sharing as healthcare organizations work to shore up their defenses and risk-mitigation strategies amid an increasingly fraught cybersecurity landscape.
Some pulled quotes from the interview:
Ransomware is a business model that started about 10 years ago, and it is only maturing. We are tracking attacks every day.
Lean on the basics right now: Backups (and test them! Tear a system down and build it back up to see if it works. CISA has a good list of current vulnerabilities to patch. MFA on everything!
In my experience, sharing works better when it is voluntary. Voluntary Sharing of one’s incident information also allows one to learn from others. There is usually someone within the Health-ISAC community who has faced a similar challenge to the one you are currently facing.
- Related Resources & News
- Healthcare Heartbeat 2024 Q4
- Health-ISAC Hacking Healthcare 2-19-2025
- Podcast: Reflecting on the Change Healthcare cyberattack
- Senate Confirms Trump Pick RFK Jr. to Lead HHS
- The Alarming Backdoor Hiding in 2 Chinese Patient Monitors
- Health-ISAC 2025 Health Sector Cyber Threat Landscape
- How Health Systems Manage Security in the Cloud
- Change Healthcare Attack a Wake-up Call for the Industry
- Five High-Impact Cyberattacks Healthcare Industry Should Avoid in 2025
- Health-ISAC Hacking Healthcare 2-11-2025