This Week Health
2 Minute Drill: Classified Military Communications & Healthcare Restructuring With Drex DeFord

Subscribe to This Week Health

Share this episode

Drex covers a major security breach where Trump administration officials shared classified military operation details via Signal chat with an unauthorized reporter, Broadcom's release of critical security updates for VMware tools addressing high-severity vulnerabilities, and a dramatic HHS restructuring that eliminates 10,000 positions, reduces divisions from 28 to 15, and transfers key healthcare security offices including ASPR to CDC and realigns the Office of Civil Rights overseeing HIPAA compliance.

Remember, Stay a Little Paranoid 

X: This Week Health 

LinkedIn: This Week Health 

Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

Transcript

This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

 Hey everyone, I'm Drex, and this is the two minute drill where I cover three hot security stories twice a week. All part of the cyber and risk community here at the 2 29 Project and this week, health, I try to keep the podcast mostly plain English and mostly non-technical, so it's easy for everyone in the organization to consume so that everyone can help do their part to keep.

Patients and families, and the whole health system safe. Today's two minute drill is brought to you by Intraprise Health, a health catalyst company. It turns out you can reduce the time and effort needed for third party risk assessments by up to 50% using Intraprise Health's Blueprint Gen AI, technology, security, compliance, and peace of mind.

Find out more@Intraprisehealth.com. Great to see you all today. Here's some stuff you might wanna know about. I. By now I'm sure everyone's heard about the Trump administration signal Chat used for communication between top government and military officials during this week's bombing of Yemen, Houthis militants.

The chat included target and weapon info, dates, and times. Basically all the classified info you'd wanna see briefed to a very limited number of people prior to a mission launch. And oh by the way, it included an Atlantic Magazine reporter, and yes, they did it on Signal top secret government information on signal.

That's problem one. They also included a civilian who has no security clearance in into the chat. That's problem number two, and odds are also really good. They did it on signal because they're trying to hide from the mandate. That these kind of communications are recorded and stored in government records should they ever need to be referenced later.

And that's problem number three. And I've got a whole list of these. I could go on, I won't, it feels like it's an April Fool's Day joke, but you know, it's not. And I use Signal. I like it. I've. It's become one of the tools that people in cybersecurity and the press used to feel more comfortable that the info they're sharing is protected.

But as someone who had a top secret security clearance throughout my military career, it's not the same. Signals not even close to the communication capabilities that are supposed to be used for classified communications. I can almost guarantee that if I would've sent this kind of classified info via a commercial off the shelf communication platform like Signal, I'd probably be in irons right now and they would probably have put me under the jail for the failure to protect top secret material.

Risking a Tom, uh, combat mission and risking the lives of the warriors that were involved in that mission. Undoubtedly, this story will continue to unfold and I'll do my best to keep you posted. In other news Today, Broadcom has released a security update. This week to fix a high severity authentication bypass vulnerability in VMware tools and windows.

Earlier this month, they released three other zero day patches. So if you're a VMware user. Take a look at all of those. And while we're on the subject of VMware, you should take a look at Bill Russell's series of articles about escaping vendor lock-in. VMware is a big topic in that series. You can find him and the series on LinkedIn.

I'll put a link in the comments. This was just released on the HHS website. Health and Human Services will undergo a dramatic restructuring. According to a new executive order, 10,000 full-time positions will be eliminated. The current 28 divisions at HHS will be downsized to 15 divisions. And particularly interesting for many of us in healthcare IT and cybersecurity.

HH s's, office of Administration for Strategic Preparedness and Response. Asper or A SPR will transfer to the CDC, the Centers for Disease Control and Prevention. There's also realignment for the Office of Civil Rights or the OCR who drives a lot of HIPAA investigations. And a whole lot more in a just release memo.

A link to the new memo and a bunch of other healthcare policy, tech, and security stories are on one of healthcare's fastest growing news sites this week. health.com/news. Today's two minute drill was brought to you by Intraprise Health, a health catalyst company, Intraprise Blueprint centralizes, privacy and security, and third party risk management, all on a single scalable platform, helping you to identify, prioritize, and address risk across your healthcare organization.

Check it out now@Intraprisehealth.com. That's it for today's two minute drill. Thanks for being here. Stay a little paranoid and I will see you around campus.

2 Minute Drill is Sponsored By

Our Shows

Related Content

1 2 3 316
Healthcare Transformation Powered by Community

© Copyright 2024 Health Lyrics All rights reserved