Podcasts Hosted by Bill Russell, Sarah Richardson, and Drex DeFord
In-depth interviews with healthcare CIOs, CISOs, and technology leaders. Bill Russell explores the decisions, strategies, and innovations shaping healthcare transformation.
Dec 15, 2025·2 Minute Drill
A critical vulnerability called React2Shell exposed tens of thousands of systems worldwide, triggering immediate exploitation by threat actors—including China-nexus groups—within minutes of disclosure. Drex breaks down how this flaw turns innocent web requests into remote access backdoors, why Cloudflare's emergency response accidentally caused widespread outages, and what this high-stakes race teaches us about rapid response patching in healthcare. When attackers move at internet speed, your
Dec 3, 2025·2 Minute Drill
Drex DeFord explores what he calls the "trust recession"—an era where deepfakes, AI-generated content, and sophisticated social engineering have made it nearly impossible to distinguish real from fake. From synthetic customer service agents to North Korean operatives using AI to pass job interviews at US health systems, the threat landscape has fundamentally shifted. DeFord shares practical strategies for healthcare professionals to protect themselves during the holiday season when cyber criminal
Nov 26, 2025·2 Minute Drill
Drex examines the growing insider threat landscape in healthcare cybersecurity. The episode covers CrowdStrike's recent insider incident where screenshots were leaked to cybercriminals, new research showing 93% of organizations struggle to detect insider threats, and the Geisinger Health/Nuance $5 million settlement over improper data access. Drex also reveals how ransomware groups like Medusa are directly recruiting healthcare employees with financial incentives, highlighting that insider threa
Nov 25, 2025·UnHack the Podcast
November 25, 2025: What if cybersecurity awareness training could be fun, like mixing bratwurst and flu shots? Shawna Hofer, CISO at St. Luke's Health System, shares how her team transformed security culture by meeting staff where they are—literally. From creating engaging one-minute videos featuring everyday healthcare workers to establishing a groundbreaking IT and cyber resiliency team that breaks down traditional silos, Shawna reveals why the best healthcare CISOs are expert translators an
Nov 20, 2025·2 Minute Drill
Cybercriminals are escalating their tactics by deploying AI-enabled malware that adapts in real-time. Google Cloud and Anthropic threat intelligence reports reveal attackers using tools like Prompt Flux malware to contact AI APIs mid-attack, rewriting code to evade detection. Threat actors are bypassing AI safety guardrails through social engineering, tricking models into providing malicious capabilities. The underground cybercrime market now offers sophisticated multifunction tools, lowering ba
Nov 12, 2025·2 Minute Drill
CISA 2015's temporary extension buys time until January, but what happens next? Drex breaks down the Oracle E-Business Suite ransomware attack affecting 29 victims—including potential third and fourth-party partners in your supply chain. Plus, Google's $32B Wiz acquisition clears a major hurdle, and Armis' $435M funding round signals where security investment is heading. Keep your threat intel pipelines hot and your radar up. Remember, Stay a Little Paranoid.
Nov 4, 2025·2 Minute Drill
Ernst & Young exposed 4TB of client data on an unsecured database, highlighting data hygiene failures even at major consulting firms. India's cybercrime villages have transformed entire communities from agriculture to organized online fraud operations. New AI browsers from Perplexity and ChatGPT lack critical security controls, creating risks as they access cookies, session tokens, and sensitive files. Healthcare leaders must treat these emerging tools like untrusted interns and supervise ev
Nov 4, 2025·UnHack the Podcast
November 4, 2025: Identity has become the foundation of healthcare security, but managing it is more complex than ever. In part two of this UnHack (the Podcast), Mary Dickerson, Associate VP and CISO of UTHealth Houston & Gordon Groschl, CISO and Director of HTM at Texas Children’s Hospitals, explore how organizations are shifting from prevention to resiliency. They also share candid career advice for aspiring cybersecurity professionals, challenging the industry's unrealistic entry-level
Oct 28, 2025·2 Minute Drill
Drex explores how Niantic's Pokemon Go used gameplay to crowdsource geospatial AI training data, including strategically placing Pokemon at hospitals and clinics to map sensitive facilities. Players unknowingly volunteered location data, camera scans, and movement patterns through terms of service agreements most never read. A cautionary tale about digital consent and the hidden costs of "free to play" apps in healthcare settings. Remember, Stay a Little Paranoid.
Oct 28, 2025·UnHack the Podcast
October 28, 2025: Mary Dickerson, Associate VP and CISO of UTHealth Houston & Gordon Groschl, CISO and Director of HTM at Texas Children’s Hospitals, discuss the current research landscape. Identity has become the ultimate battleground in healthcare security, but most organizations still don't have the fundamentals right. From securing non-human identities to enabling research without compromising compliance, these CISOs share hard-won lessons from the frontlines. Key Points: 03:36
Oct 22, 2025·2 Minute Drill
The future of AI resilience isn't just about firewalls and backups—it's about ensuring power grids, chip fabrication facilities, and cloud infrastructure can withstand attacks and disruptions. As AI becomes critical infrastructure, the question isn't whether it will change everything, but whether we can power and protect it without creating catastrophic business liabilities. Remember, Stay a Little Paranoid.
Oct 16, 2025·2 Minute Drill
Cybercriminals are hijacking employee paychecks by exploiting outdated MFA systems in payroll platforms like Workday. Drex breaks down how attackers use sophisticated phishing techniques—including MFA fatigue attacks and session hijacking—to bypass traditional two-factor authentication. Learn why text-based and push notification MFA are no longer secure, and discover how phishing-resistant authentication methods like FIDO2 keys and passkeys can protect your organization from paycheck theft. CISA