Drex discusses crucial updates on upcoming cyber regulations, insights from US Senator Mark Warner's push for mandatory cyber standards, a new bipartisan Healthcare Cybersecurity Act, and the escalating costs of UnitedHealth's recent breach.
Remember, Stay a little paranoid.
Subscribe: https://www.thisweekhealth.com/subscribe/
Linkedin: https://www.linkedin.com/company/ThisWeekHealth
Twitter: https://twitter.com/thisweekhealth
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer - https://www.alexslemonade.org/mypage/3173454
This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.
Hey everyone, I'm Drex, and this is the 2 Minute Drill, where I do three quick stories twice a week, all part of one great community, the 229 Cyber and Risk Community, here at This Week Health. Today's drill is brought to you by Fortified Health Security. No matter where you're at in your cybersecurity journey, Fortified Fortified can help you improve your security posture through their 24 7 threat defense services or advisory solutions delivered through Central Command.
A first of its kind platform that simplifies cybersecurity management and provides the visibility you need to mature your program. Learn more@fortifiedhealthsecurity.com. Thanks for joining me today. Here's some stuff you might want to know about. On Monday's longer form cyber podcast called Unhack the Podcast, I'll be talking to a small group of CISOs about upcoming cyber regulation and how they stay on top of it and what prep work they're doing in advance of those new requirements.
And in that vein, US Senator Mark Warner has sent a note to Health and Human Services and the Deputy National Security Advisor, asking them to skip ahead to the mandatory cyber standards. saying that the voluntary healthcare cybersecurity efforts are insufficient and dangerous. Remember, Senator Warner published a policy paper almost two years ago called Cybersecurity is Patient Safety, where he made a number of significant policy recommendations.
I'm reposting a story with links to that 2022 policy paper at thisweekhealth. com slash news. And if that's not enough help from the Senate, this week a whole other bipartisan group of senators have introduced a new bill, the Healthcare Cybersecurity Act. It would direct the Department of Health and Human Services and the Cybersecurity and Infrastructure Security Agency, or CISA, to provide resources and strategies to improve defenses of healthcare entities.
I'm not sure if these Senators spend a lot of time talking to HHS or CISA, but those folks at those two agencies actually spend a lot of time together working on that exact. kind of stuff. So the bill lacks a lot of detail in an election year. I'm skeptical that it'll go anywhere, but just know the politicians are doing politician stuff and you should be aware.
Most disappointing at this point, there's a lot of bluster about doing something and making you do something about cybersecurity, but not a lot of detail on how or when or if there will ever be any funding for any of these mandates. That's the part that kind of feels like a deal breaker to me, especially for smaller health care organizations.
All these stories are on the news site. I'll try to keep an eye on this stuff and I'll keep you updated. Finally, UnitedHealth, the parent of Change Healthcare, has upped their estimate on the cost of this year's cyber breach by about 1 billion over the previous estimate. Now they're saying the breach will cost them about 2.
3 billion dollars. And that's all I really have to say about that. Thanks again to our 2 Minute Drill sponsor, healthcare cyber partner, Fortified Health Security, with a 98 percent client retention rate and three consecutive best in class awards. Fortified's exclusive focus on healthcare cybersecurity makes them the go to partner for healthcare organizations wanting to strengthen their security posture.
Find out more at fortifiedhealthsecurity. com. That's it for today's Two Minute Drill. Thanks for being here. Stay a little paranoid. I'll see you around campus.