Search site
Find podcasts, news, articles, webinars, and contributors in one search.
Channel
Podcasts Hosted by Bill Russell, Sarah Richardson, and Drex DeFord
In-depth interviews with healthcare CIOs, CISOs, and technology leaders. Bill Russell explores the decisions, strategies, and innovations shaping healthcare transformation.
May 21, 2026·2 Minute Drill
Ransomware attacks don't always start with a ransomware gang. They start with someone who gets paid to find the door. Aleksey Volkov, known online as ChewbaccaCore, was an initial access broker. His job was identifying vulnerable companies, exploiting their networks, establishing a foothold, and selling that access on dark web marketplaces. Over 16 months in 2021-2022, his work enabled attacks on seven confirmed US businesses, resulting in $9M in confirmed losses and $24M in intended ransom dema
May 15, 2026·2 Minute Drill
Tyler Buchanan grew up in Dundee, Scotland and became one of the most consequential cybercriminals in the English-speaking world. His method was almost insultingly simple: text messages. Posing as IT help desks, he sent phishing texts to employees at companies like Twilio, LastPass, Mailchimp, and DoorDash. Directing them to convincing fake login pages that captured credentials and 2FA codes in real time. Find out how he got caught in this 2 Minute Drill Remember, Stay a Little Paranoid
May 8, 2026·2 Minute Drill
North Korean threat actors didn't breach a firewall. They built a fake company. UNC1069 spent two weeks constructing a convincing Slack workspace, fake team members, and LinkedIn profiles to earn the trust of Jason Seaman -- lead maintainer of Axios, a JavaScript library downloaded over 100 million times a week. One Teams call. One file. Within hours, malicious code was live and reaching health systems everywhere. The attack skipped the $50M security stack entirely and went straight to the human
May 2, 2026·2 Minute Drill
Drex unpacks a signal hiding across several recent stories: we may be deploying AI well ahead of our ability to secure it. From an autonomous AI agent that breached a consulting firm's internal chatbot in two hours, gaining access to 46 million employee messages, to a multi-agent experiment where AI systems escalated privileges, forged credentials, and disabled antivirus software entirely on their own, the pattern is unsettling. Add a publicly available AI prescribing tool in Utah that researche
Apr 30, 2026·2 Minute Drill
Matthew Lane was 14 when he started probing the edges of online gaming systems. By 20, he had walked out of PowerSchool with data on nearly 70 million students and teachers using nothing but a contractor's stolen credentials he found on the dark web. Drex tells the full story and then lands the part that matters most for healthcare: Lane didn't exploit a sophisticated vulnerability. He used a username and password attached to someone who had legitimate access and simply walked through the front
Apr 28, 2026·UnHack the Podcast
April 28, 2026: When a hospital goes dark, the first 72 hours are everything. Laurie Campbell , Senior Manager of Clinical Ancillary Applications and Enterprise Imaging, and Rick McIntosh, VP and the Chief Technology Officer, at Children’s Hospital Colorado , break down the phased Code Dark response framework her team developed for ransomware attacks. They walk through real examples: how the supply chain keeps inventory moving without its systems, and how the radiology team built a sneakernet pr
Apr 24, 2026·2 Minute Drill
While the industry debates frontier AI models and nation-state threats, hospitals are still getting hit by ransomware through the same doors they've always left open. Drex zooms out to what's actually happening on the ground: massive patch cycles creating downstream operational pressure, countries reconsidering their software dependencies, and CISOs quietly doubling down on fundamentals. MFA, identity management, tested backups, network segmentation. The HICP documents are free, the roadmap alre
Apr 15, 2026·2 Minute Drill
The Kim Wolf botnet was the most powerful ever built — 2 million compromised IoT devices, a record-breaking 31.4 terabit DDoS attack, and it had the FBI, Google, and Cloudflare stumped. Drex breaks down how those cheap, forgotten devices in patient waiting rooms and break rooms became weapons inside hospital networks, and why 25% of Infoblox's enterprise healthcare clients were already compromised. Then comes the wild part: a 22-year-old RIT undergrad named Benjamin cracked the whole operation —
Apr 9, 2026·2 Minute Drill
The window between vulnerability discovery and exploitation has collapsed — from 63 days in 2018 to negative. Now AI is changing the game entirely. Drex walks through how Anthropic's unreleased model Mythos autonomously found a critical zero-day in the Ghost CMS, wrote its own exploit, and extracted sensitive credentials in under two hours — all without a CVE ever existing. Add in two accidental Anthropic data leaks in the same week, and the story gets more complicated. For healthcare organizati
Apr 3, 2026·Solution Showcase
April 3, 2026: Kory Hudson , Deputy CIO at University Health in San Antonio, Texas, and Lindsay Hudson , SVP of Client Partnerships at Nordic , join Bill Russell live from HIMSS to share how a candid assessment, a governance overhaul, and a return to scheduling best practice transformed patient access and unlocked millions in net revenue. Key Points: 02:57 Back to Best Practice Scheduling 04:08 Nordic Assessment and Key Gaps 06:30 Foundation Rebuild and Change 09:53 Early Results and CIO Advice
Apr 1, 2026·Solution Showcase
April 1, 2026: Healthcare fraud is a $300 billion problem, and the old rules-based approach isn't stopping it. In this Solution Showcase from the HIMSS floor, Tim McNamee , Enterprise Account Manager, and Mark Larochelle , Strategic Public Sector Account Executive, of Cloudera explore how agentic AI is transforming fraud detection, clinical decision support, and data governance in healthcare. From enabling human-in-the-loop workflows to bringing AI directly to protected data inside your own envi
Mar 31, 2026·2 Minute Drill
Drex makes the case for a role that doesn't exist yet but probably should: VP of Non-Human Resources. As AI agents multiply across health system environments, often deployed by vendors without oversight, the management infrastructure simply isn't keeping up. Agents have access, make judgment calls, and operate inside frameworks that affect patients and business operations, yet most have no job description, no onboarding, and no performance review. Drawing on signals from Harvard Business Review,
Page 1 of 24
Apple Podcasts
