Do you agree that we are in a Cyber War right now? If so, do we need wartime cyber leadership? That is the topic of discussion for today.
Today in health, it is a time for war time leadership in healthcare. During this from a post on LinkedIn thought it would be an interesting conversation. I want to explore what that actually means. My name is bill Russell. I'm a former CIO for a 16 hospital system. And creator of this week health sort of channels and advanced, dedicated to transform healthcare. One connection at a time. We want to thank our show sponsors who are investing in developing the next generation of health leaders.
Short test artist, site parlance, certified health, notable and service. Now check them out at this week. Health. Dot com slash today. All right. Let's see. Oh, one last thing. Share this podcast with a friend or colleague use it as a foundation for daily. Or weekly discussions on the topics that are relevant to you and the industry. They can subscribe wherever you listen to podcasts. All right.
Here we go. Trucks. The Ford posted isn't time for war time. Cyber leadership. And this comes from a, another post that he is reposting from Derek a that's. All it is Derek a, there are two types of leaders, peacetime leaders, and wartime leaders. Over the last 10 years, we've seen cybersecurity filled with peace time leaders.
They've built programs that largely focused on showing off useless metrics. Buying snake oil tools that are good for their own resumes and doubling down. On consuming staff time with process and policy work. The rapid rise of fast moving ransomware groups is highlighting the shortcomings of peacetime leaders. And the programs they built. As well as the money they've wasted. The recent post-breach. Departures of the Clorox and Microsoft CISSO as well as the sec action against Tim brown and solar winds. Are gaining. Headlines outside of our tech rags appearing in places like Forbes and the wall street journal. Yesterday.
I wrote about the show pony cyber programs. The pivot is coming and more boards CEOs, and CFOs are going to start to ask if they funded the show pony cyber program. And if it's time to hire a wartime cyber leader. To make rapid advances. There's flaws in this thinking, I'm gonna come back to him.
Let me keep going. This. This is just interesting posting of itself. When CISOs get fired after a breach, it's not because they were the scapegoat. They own the breach. The CEO and CIO realized they have the wrong person in the role and need a wartime leader who can get things done quickly. The leader who sets a clear vision of victory, and then execute on that vision with violence of action. Wow. I'm healthcare.
ps are running playbooks from:It's been on building a policy. And process machine that doesn't fight. If you've worked in an org, post-breach, about wartime leaders, any task that's not critical to winning the war is a task that's ignored. Process policy and unwritten corporate rules are broken daily for the sake of speed and winning the war. Anyone who deviates from the stated objectives or slow walks work normally. Or our slow walks work quickly.
Find themselves looking for a new job. Winning is the first, second, and third most important goal. Things you were told you couldn't do before the breach. We'll be things that get done in the weeks or days following. Non-performing tools and people will both exit the org at speed. The pivot is coming.
Some will exit leadership roles under different excuses. Others will be forced out and few will show that they can quickly transition from peace time to war time leaders. But the days of the show pony riding non-technical cyber suite cyber. Yes. Ever sweet leaders are coming to an end. He's a picture patent, which is always menacing. And a couple of comments below. One of the ones that's interesting, Matthew Fran says Patton and MacArthur are generally considered toxic leaders by both historians, with Eisenhower, Nimitz, and Marshall being positive role models.
And he cites a book that has that. My initial comments on this, I put this in the post is where do we draw the line? Peace time, chief medical officer, CEO, and CIO with a wartime, Cisco and CFO. Won't there have to be a recognition of the war. At every leadership position, even if they recognize is that enough? Do the, do they actually have to lead differently? So it's important to recognize where at war. Every met by every metric.
st,:Nothing else matters. We're in a, we're in a battle mode. We've got to get this done, this, done this done. No, excuse will be tolerated. We're going to get this done. I don't care what it takes. We're going to plow through this. We're going to get this done and we're going to be effective. We're going to fight this battle and we're going to win this battle.
And it was all leaders. It wasn't just the Cisco tried to swim upstream and say, Hey, we're at war. We're at war, everyone recognized we were at war. It was the pandemic. The enemy was obvious. It was every day, every night, every mask you saw reminded you, we are in the middle of a pandemic. Things need to get done and they need to be done quickly and effectively.
And we're at the middle of this battle. We are the frontline of this battle, that was obvious.
What. Leadership needs to understand what boards need to understand. And hopefully they do at this point is. We are at war. We are in a cyber war. It is going on right now. You are being attacked at this very second. tEns and thousands of times a minute you're being attacked. It depends what your health system. But it used to be there after the big ones there after all of them now.
Big, small. Cause they've identified that if you get into a small one, you still get paid. And you might as well put some of your, what does he call them? Teenage hackers on, some of the smaller ones and see if they can't get in because they haven't proven that they can stop the teenage hacker playbook.
So I want to go back to something he says here, the pivot is coming and more boards, CEO, CEOs, and CFOs are going to start to ask if they funded a show pony cyber program. And if it's time to hire a wartime cyber leader to make rapid advances. I'm going to do a post by the way. These are my last four posts of the year. On the today show.
And then you'll we'll be back on January 2nd. Third, something like that second or third, I forgot. Which is a Monday. Of that week, but we'll be back. After this. So these are my last four. I will probably do a show this week on Elon Musk because I just finished the book. It's a big book.
I feel like I should say something about it after consuming that much time. Consuming the book. It's a high Isaacson's book on Elon Musk. I think it's a must read. I think job's his book is also a must read. I think it tempers. All this, the other stuff that you read and here out in the world.
It's so if you've read. If you've read Steve jobs is a biography from Isaac said it tempers. The deification that is going on around Steve jobs. Oh my gosh. Steve jobs was amazing. Let's get something straight. Elon Musk, Steve jobs are great. They are great at a handful of things, they were just. Just beyond anything we've seen in our lifetime.
Being able to Steve jobs was the old. Ultimate showman. He, he. He could tell a story better than anybody he could. He could. Take that story. And he could create a brand from that story. He also identified what was the most important thing around building that brand. He also was able to drive engineers. Mostly insane, but he was able to drive them beyond their capabilities to build something that was truly unique.
Elon Musk also has that ability. He has that ability to build things and to solve problems that no one else has been able to solve. And to drive engineers to solve problems that they couldn't solve.
At the end of the day, it's important to realize when you hire someone like this. Now you can't hire you on mush. You don't hire Steve jobs, but when you hire somebody, when you say, I want to bring in a war time, Cisco. Understand what you're hiring. You're hiring patent. You're hiring MacArthur.
You're hiring these kinds of leaders who were just, they were difficult people. They saw everything through that prism of we're at war. It never let up. It was relentless there, their discussions, the things they asked for, the things that, it's like, it's you watched the movie patent and I don't know how historic historically accurate it is, but I remember watching it as a kid growing up and he was like, we got to go right into Russia.
Now Russia was an ally and it was essentially saying, we need to go right into Russia. Now you look back in history and you're like, oh, maybe he was right. No, he wasn't. He. You don't go from one world war to the next world war immediately following. , but that's how a war time person.
We're always at war for a war time. CYSA we are always at war. That's what you're hiring. You're hiring a difficult person. You're hiring somebody who is constantly going to be coming in and saying, we need to spend more money here. We need to hire the right people. We need to do these programs. We need to ask doctors. To do dual factor authentication.
And not only that, beyond that, we need to we need to encrypt everything at rest and in motion we need to, they are going to have relentless relentlessly push. Because they know we're at war and we are at war. And they're going to push for those things. Now you can get misaligned. This was my point.
You can get misaligned. That's what you're asking for. When you're saying, Hey, we want. Those kinds of CISOs. And I do believe we need those kinds of systems cause we're at war. But if the CEO, the board, the CIO and the CFO are not in alignment. If they're not war time, People. They're going to tire of this person very quickly.
I put as much of the blame on the boards, the CEOs, and the CFOs who do not understand cybersecurity. Many CEOs still do not understand technology. They talk about innovation. They talk about those things, but they haven't spent the time to dive in. And the Musk book, he dives in to all of it to neuro link. To rockets to cars.
So to say, a CEO can understand every aspect of the healthcare system. It is a bunch of baloney. They choose not to. CEO's need to understand technology and they need to understand cybersecurity at a level that they do not currently understand it today. And they say, oh, my job is bigger than that. I trust people to do that.
Now, there are certain things you have to understand. If you're being attacked every day by adversaries, you need to take the time to sit down with your Cisco and understand what they're saying and potentially educate yourself on what those attacks mean. And, and essentially be able to weigh in on the conversation at a level you haven't weighed in on before. And so as a board, if your CEO doesn't understand cybersecurity, if every time they need to talk about cybersecurity, they bring somebody in to talk about it.
They might not be the right CEO. You might need a wartime CEO. And by the way, you probably need a wartime CEO because healthcare is under attack. Period. From a financial standpoint is under attack. He needed a wartime CEO, a wartime CFO, a wartime, Cisco, and probably a wartime CIO. They need to view everything as our existence is under attack. There are tons of people coming for your revenue, for your patients and they're coming for your data and they're coming for your doctors. It is really time to rethink what we think the role is of CEO, CIO, CFO, and definitely CSO.
Because if that's not obvious to you that we're under attack every day on the cybersecurity front then you're not seeing things clearly. With that being said, we need alignment. We cannot have teams that some think we're at war and some don't. We think we're at war and the people who control the money.
Don't think we're at war. While the people who are in the trenches know we are at war. Anyway, I thought that would be an interesting discussion. And if you are sharing this with your teams and your friends or colleagues, I'd love to hear what you guys think. Talk about it. See, if you agree with me, disagree with me. And let me know. Bill at this week, health.com. That's all for today.
Don't forget. Share this podcast with a friend or colleague. We want to thank our channel sponsors who are investing in our mission to develop the next generation of health leaders. Short test artist, site parlance, certified health, notable and service. 📍 Now check them out at this week. Health. Dot com slash today. Thanks for listening.
That's all for now.