97 episodes

The CyberPHIx is a regular audio podcast series that reports and presents expert viewpoints on data security strategy for organizations handling patient health or personal information in the delivery of health-related services. These timely programs cover trends and data security management issues such as cybersecurity risk management, HIPAA and OCR compliance strategy and vendor risk management. Meditology Services, the healthcare industry's leading security and compliance firm, moderates the discussions with leaders in healthcare data security.

The CyberPHIx: Meditology Services Podcast Brian Selfridge: Healthcare IT Thought Leader

    • Technology
    • 5.0 • 4 Ratings

The CyberPHIx is a regular audio podcast series that reports and presents expert viewpoints on data security strategy for organizations handling patient health or personal information in the delivery of health-related services. These timely programs cover trends and data security management issues such as cybersecurity risk management, HIPAA and OCR compliance strategy and vendor risk management. Meditology Services, the healthcare industry's leading security and compliance firm, moderates the discussions with leaders in healthcare data security.

    The CyberPHIx Roundup: Industry News & Trends, 5/26/22

    The CyberPHIx Roundup: Industry News & Trends, 5/26/22

    The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry. 

    In this episode, our host Brian Selfridge highlights the following topics trending in healthcare cybersecurity this week: 

    Highlights from the US Senate HELP hearing discussing the threat of cyberattacks on the healthcare industry  Healthcare and Public Health Sector Coordinating Council (HSCC) releases new incident response checklist  Ransomware growth causes cyber liability insurance costs to skyrocket  Cardiologist charged with designing and selling ransomware  BakerHostetler data security incident response report highlights and analysis  Vendor risk management trends and associated healthcare breaches Solara Medical Supplies proposes a $5 million settlement to resolve class action data breach lawsuit CISA Alert: Weak Security Controls and Practices Routinely Exploited for Initial Access CISA alerts organizations not to install May security patches on Microsoft domain controllers US Department of Health and Human Services (HHS) warning healthcare entities about the aggressive Hive ransomware group A look back on the Conti ransomware group’s attacks on 200+ healthcare entities over the last two years HHS information on Russian Advanced Persistent Threat (APT) groups and associated analysis 

    • 45 min
    The Bleeding Edge: Healthcare Cyber Threats That Cut Deep

    The Bleeding Edge: Healthcare Cyber Threats That Cut Deep

    Major shifts in the delivery of healthcare are introducing new and unforeseen cybersecurity and privacy risks. Cybersecurity and risk leaders in healthcare must rapidly adapt their programs and protection mechanisms to avoid adverse impacts from evolving cyber threats. 

    Any one of these emerging risk areas can cut deep and have material impacts to patient safety, financials, reputation, and more. In this session, we provide an overview of new cyber threats and solutions through the lens of Ron Belfont, Information Security Officer and Director of Security & Support Services for Bayhealth Medical Center, and his years of experience safeguarding patient information and systems. 

    Topics covered in this session include:  
    Internet of Things (IoT) & Internet of Medical Things (IoMT) challenges and solutions  Securing health apps and wearables Emerging regulatory changings including HIPAA  Cybersecurity approaches for the remote workforce Fourth-party vendor risks and securing the healthcare supply chain Cyberwar and changes to the threat landscape

    • 51 min
    The CyberPHIx Roundup: Industry News & Trends, 4/21/22

    The CyberPHIx Roundup: Industry News & Trends, 4/21/22

    The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry. 
    In this episode, our host Brian Selfridge highlights the following topics trending in healthcare cybersecurity this week: 
    Healthcare Cybersecurity Act introduced in the U.S. Senate; details and analysis about the proposed regulation HHS and OCR seek feedback on new HITECH safe harbors for the adoption of cybersecurity best practices including NIST and HITRUST OCR requests feedback on how HIPAA civil monetary penalties should be shared with individuals that have been victims of breaches University of Pittsburgh Medical Center is required to make payments to 66,000 employees that were victims of a 2014 cyber breach as part of legal settlement Proposed PATCH Act that would see the FDA require cybersecurity measures for medical device manufacturers; details and analysis New NIST standards for enterprise patching management including NIST SP 800-40 and NIST SP 1800-31 FDA releases updated guidance on medical device cybersecurity (in addition to the PATCH Act) Lapsus$ cyber threat group alerts from the Health Sector Cybersecurity Coordination Center (HC3) as well as prominent arrests of the Lapsus$ gang’s teenage leader  Arrest of ransomware leader responsible for 13 ransomware attacks; details of attacks and sentencing Germany and the U.S. shut down the world’s largest illegal darknet marketplace CISA warns of Uninterruptible Power Supply (UPS) device cyberattacks Urgent security alert for Philips MRI monitoring software A new zero-day vulnerability in the Spring Core Java framework called 'Spring4Shell' S State Department announces Bureau of Cyberspace and Digital Policy (CDP)

    • 35 min
    Arming the Citizens: Awareness Strategies for Cyber War

    Arming the Citizens: Awareness Strategies for Cyber War

    President Biden issued an alert recently that U.S. companies must ramp up their readiness to anticipate potential cyberattacks from Russia stemming from the conflict in Ukraine.  

    What role do end-users play in protecting healthcare organizations during this ongoing cyberwar? Is the workforce our best defense on the front lines of cyber combat? 

    Join us for this episode of the CyberPHIx podcast where we hear from Eric Bielski, Director of Information Security for Benefit Resource. 

    Eric provides insights into leading practices for cybersecurity awareness programs for healthcare entities.  

    Topics covered in this session include:  
    How to make cybersecurity important for the average workforce member  Effective deployment vehicles for awareness training  Maintaining cybersecurity awareness for hybrid and remote workforce  Free resources for security awareness and HIPAA compliance content  Top messages for the workforce to combat cyberwar attacks  Measuring effectiveness of awareness programs via KPIs  Phishing testing and training best practices 

    • 28 min
    The CyberPHIx Roundup: Industry News & Trends, 3/24/22

    The CyberPHIx Roundup: Industry News & Trends, 3/24/22

    The CyberPHIx Roundup is your quick source for keeping up with the latest cybersecurity news, trends, and industry-leading practices, specifically for the healthcare industry. 
    In this episode, our host Brian Selfridge highlights the following topics trending in healthcare cybersecurity this week:
    President Biden’s cybersecurity warning about Russian cyberattacks on U.S. companies New cybersecurity legislation signed that mandates breach reporting within 72 hours SEC proposes new cybersecurity disclosure requirements New FBI & CISA alert on Russian exploitation of multi-factor authentication and “PrintNightmare” vulnerability Hactivists attacks on Russia databases, TV broadcasts, weapons manufacturers, websites, and the Russian Roskomnadzor censorship agency Russia’s creation of their own TLS Certificate Authority (CA) and implications for Internet accessibility in Russia FBI alert and guidance on the new RagnarLocker ransomware and implications for healthcare entities Details of the new Israel/US collaboration on cybersecurity Analysis of the Access:7 vulnerabilities affecting medical devices and IoT systems OCR / HHS publication and recommendations for healthcare organizations to improve cybersecurity defenses Analysis of the new HIMSS Healthcare Cybersecurity Survey New attacks emerge against Microsoft Teams

    • 42 min
    Cyber Trust Falls: How Cybersecurity Enables Trust in Healthcare

    Cyber Trust Falls: How Cybersecurity Enables Trust in Healthcare

    Who can be trusted to protect sensitive healthcare information and systems amidst a daily barrage of breach events?
    Healthcare cybersecurity and risk leaders must identify innovative ways to establish and maintain trust in the healthcare ecosystem through cybersecurity programs and functions. This includes being transparent about risk exposures, building relationships internally and externally, responding effectively to breaches, and adopting certification models like HITRUST and SOC 2.
    In this episode of The CyberPHIx, we hear from Ed Dame, Chief Information Security Officer for Dasher Services, Inc.
    Ed provides insights and wisdom from his years of experience as a CISO in building relationships and establishing trust. Questions covered in this session include:
    Why is trust important in healthcare settings? How can cybersecurity programs support and sustain trust? What role does transparency play in building or eroding trust? What are the boundaries of accountability for trust for healthcare CISOs including third- and fourth-party vendors? What role do cybersecurity certifications like HITRUST play in establishing trust with the market? What happens when trust is lost or damaged? Is there a right and wrong way to respond to breaches that impacts trust? What is the different between reacting and responding to cybersecurity incidents? What is the role of emerging “zero trust” models and terminology in healthcare?

    • 40 min

Customer Reviews

5.0 out of 5
4 Ratings

4 Ratings

Top Podcasts In Technology

Jason Calacanis
Lex Fridman
NPR
Jack Rhysider
PJ Vogt
Gimlet