Former NSA pen tester Errol Weiss, now CSO of Health-ISAC, joins Ron Gula to unpack the timeless lesson: compliance ≠ security.
From 1990s NSA audits (“we just passed compliance last week…”) to building bank threat intel teams at Citibank and Bank of America, Errol traces how ISACs emerged, why 85% of critical infrastructure being private changes the game, and how hospitals still struggle with razor-thin budgets, ransomware, and hidden dependencies like water. We cover the intelligence life cycle in the enterprise, “share to survive” across ISACs (FS-ISAC → Health-ISAC), local vs federal response, resilience after 9/11, and what AI is (and isn’t) doing for SOCs and threat intel today.
What you’ll learn:
• Compliance vs. security in healthcare and finance
• Why hospitals underfund cyber (2% problem) + water dependency risks
• ISAC origins & value: real-time, trusted sector sharing
• Enterprise intel programs mirroring the intelligence life cycle
• Resilience lessons (9/11 to CrowdStrike outage)
• AI’s practical impact on analysts and SOC workflows
View the Gula Tech Adventures podcast on YouTube. Click Here
Related Resources & News
This site is registered on Toolset.com as a development site.
