Adrian Johnson
TLDR:
Key points from the article:
- Errol Weiss, Chief Security Officer at Health-ISAC, discusses the importance of protecting the healthcare sector from cyber threats.
- He emphasizes the significance of multifactor authentication, staying up to date on patches, and practicing good data backup techniques.
Guarding Health: Errol Weiss on Protecting the Healthcare Sector from Cyber Threats
Each day, healthcare organizations face the threat of cyber attacks, making the healthcare industry a prime target for cybercriminals. Errol Weiss, the Chief Security Officer at Health-ISAC, shares his journey in the cybersecurity profession, highlighting his experience in government, commercial security consulting, and finance, which led him to his current role.
Weiss discusses the importance of information sharing and threat intelligence functions offered by Health-ISAC to help healthcare organizations protect themselves. The organization’s Threat Operations Center focuses on monitoring and providing support to members globally. With the rise of cyber incidents like the Change Healthcare breach and Ascension Hospital ransomware event, Health-ISAC plays a critical role in providing intelligence, advice, and recommendations to its members.
Weiss also addresses the challenges of communicating with members after a breach and emphasizes the value of sharing incident information to prevent future attacks. He advocates for a shift in the risk conversation within organizations to prioritize cybersecurity and participation in information sharing networks like Health-ISAC.
Furthermore, Weiss highlights the importance of engaging vendors and partners in the healthcare industry to enhance security practices. He discusses the prevalent cyber threats faced by healthcare organizations, such as ransomware, phishing, social engineering, and AI-driven scams.
In conclusion, Errol Weiss and Health-ISAC’s efforts in raising awareness and providing guidance to the healthcare sector against cyber threats are crucial in safeguarding sensitive patient information and ensuring the resilience of healthcare organizations.
