This Week Health

Don't forget to subscribe!

In this episode of the Two and a Half Minute Drill, Drex brings us a mix of cyber news from the frontline. We kick off with the uplifting news of a cybercriminal facing justice for attacks on healthcare organizations, including a significant 2020 incident impacting the University of Vermont Medical Center. Dive into the complex world of cybercrime's long-term effects on victims, highlighting the distressing use of a child's stolen data. Explore the evolving roles of CISOs and CIOs as they adapt to the challenges of digital innovation and cybersecurity, moving beyond compliance to become integral parts of business operations. Plus, a cautionary tale about the potential pitfalls of chatbots, serving as a reminder to prioritize accuracy and ethical considerations in digital patient interactions. Join us for these insights and more, and learn how you can contribute to our growing cyber risk community.

Contributions & Community:

Become part of the conversation and help shape future episodes by contributing stories and insights. Visit and click on "Become a Contributor."

Stay Connected:

Don't miss out on our upcoming episodes focused on hacking healthcare. Follow our podcast, like and share this post to spread the word, and join the new 229 cyber and risk community for more in-depth discussions and resources.

Stay Informed, Stay Secure:

Visit for more information and resources to bolster your cybersecurity knowledge and defenses.

Remember, Stay a little paranoid.


  Hey everyone, I'm Drex, and this is the two and a half minute drill. We do at least three cyber security stories at least two times a week, all part of one great community, the 229 cyber risk community. Here's some stuff you might want to know about. Let's start with some good news. The perpetrator of a cyber attack against a number of organizations, including the University of Vermont Medical Center in 2020, has pled guilty in federal court and faces a number of 20 year sentences.

He's been on the The FBI's cyber most wanted list for quite a few years, and there's two stories I've included on this. Each of them, the coverage is a little bit different, but they're worth a read because there's a lot of great insight about the impact to patients and families and staff and the organization's finances, which took a 65 million hit.

The cyber dirtbags, however, continue to be Dirtbags. I include a story today about the long term fallout of cyber attacks on patients and families. In this case, data was exfiltrated during the attack and then used to contact the patient's family, asking for payment, or the patient's data was going to be released on the dark web.

And in this particular case, the patient was a child. And the reality is that a child's data might be worth more. More than an adult's data on the dark web, because if the cyber criminals can make the identity theft stick, the kid might not know anything about what's going on until they try to get their first credit card, and that's when they find out they've got bad credit, and that could be years later.

I like this next story because as I've traveled around the country the past couple of years, I've seen this kind of trending in real life. The article talks about how CISOs and CIOs are converging as CIOs roles continue to sort of move toward digital innovation and CISOs roles continue to grow from mostly compliance to deep diving into business operations in an effort to better understand how to stop breaches that seem to be an inevitable part of digital innovation.

Over time, I'll tell you, I've seen more and more CISOs Also take over the chief technology officer role in health care and, um, the ones that are real problem solvers and the ones that are real innovators. I'm not surprised at all when they move into the CIO seat or even eventually. Take the CEO seat one day.

I'm in overtime, but just one more. I know a lot of you are putting chatbots online to communicate with patients, but this story is about a chatbot gone wrong. And it's definitely worth reading and sharing because even though this isn't specifically a healthcare story, the possibility of a chatbot misleading customers definitely is a lesson I'd rather we learn from another industry and not our own.

I drop all these stories and a bunch more at thisweekhealth. com slash news. Go there and read and learn and share. You can even become a contributor to the site. Just click the button at the top of the page. You want to know more about what I'm working on? Well, for one thing, I'm headed to Vive in LA next week, and I'd love to catch up in person.

Drop me a note at drex at thisweekhealth. com and check out the new 229 Cyber and Risk Community at thisweekhealth. com slash security. Please like and share and tag your friends. Uh, I make this a mostly English, mostly non technical update. That means it's pretty okay to share that with everyone in your organization.

Uh, that's today's two and a half minute drill. Stay a little paranoid. I'll see you around campus.

2 Minute Drill is Sponsored By

Our Shows

Solution Showcase This Week Health
Keynote - This Week Health2 Minute Drill Drex DeFord This Week Health
Newsday - This Week HealthToday in Health IT - This Week Health

Related Content

1 2 3 250
Transform Healthcare - One Connection at a Time

© Copyright 2023 Health Lyrics All rights reserved