2 Minute Drill: Hacker Infiltration, Corporate Leaks, and North Korean Updates with Drex DeFord

Qantas made headlines by cutting all senior executive bonuses by 15% following a data breach affecting 5.7 million customers. This episode explores why cybersecurity accountability should extend beyond IT teams to the entire C-suite, and examines how this approach could transform healthcare cybersecurity investments. Drex discusses the potential impact of tying executive compensation to cyber performance and challenges healthcare leaders to consider putting "skin in the game" when it comes to security failures.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

September 10, 2025: Terri Couts, Chief Digital Officer at Guthrie Clinic, and Rachel Weissberg, Head of Healthcare Provider Strategy (North America) at Neteera, uncover how a simple ambient monitoring partnership is quietly transforming long-term care. How do you detect when a patient is slowly deteriorating before traditional thresholds are crossed? The conversation explores the delicate balance between implementing frictionless technology and managing the human side of healthcare innovation. Terri and Rachel share insights about learning together, adapting quickly, and discovering that the most meaningful patient data takes time.  Key Points: 00:51 The Collaboration Journey 07:51 Data Insights and Patient Care 15:05 Future Directions and Integrations 16:32 Advice for Healthcare Leaders X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

September 8, 2025: Ed Gaudet, CEO and Founder of Censinet, joins the This Week Health team for the news. When SalesLoft's Drift chatbot breach exposes over 700 companies through a single API vulnerability, it raises an unsettling question: are we witnessing a preview of something much larger? The security experts shift seats and play the role of the hackers, answering where they would attack first if they were the bad guys. With critical cybersecurity legislation potentially expiring and government support drying up, can healthcare keep up? Key Points: 02:01 AI and Cybersecurity Threats 06:34 Phishing Attacks and Security Measures 12:57 Legal Hurdles in Cybersecurity 19:02 Managing AI Risks X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

September 1, 2025: Cristian Rodriguez, Americas Field CTO at CrowdStrike, joins Drex for the news. What starts as a simple phone call to your help desk could be the beginning of a major security breach—but how do attackers make these voice phishing campaigns so convincing? Then, North Korean operatives successfully infiltrate major western companies as remote employees. How are these fake workers passing interviews, and what happens when their paychecks fund weapons programs while they potentially plant malware in critical systems? As the discussion unfolds, Cristian explains how modern cybercrime groups operate like legitimate businesses, complete with organizational structures and specialized roles. Key Points:02:36 Global Threat Report Insights06:20 North Korean Fake Employees11:10 Or96ganizational Structure of Cybercrime Groups14:47 AI in Ransomware NegotiationsX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

August 25, 2025: Margaret Ptacek, Vice President of Client Solutions from Experis Health, tackles three critical shifts happening in healthcare today. The conversation explores Hackensack Meridian's statewide hospital-at-home expansion and examines how healthcare systems can deliver acute-level care in patients' homes without compromising safety or quality. When staffing shortages threaten a new hospital's ability to provide basic services, the discussion turns to virtual solutions and workforce resilience strategies. Can technology and strategic partnerships solve healthcare's most pressing operational challenges while maintaining financial sustainability? Margaret shares insights from real-world implementations that are reshaping how care is delivered beyond traditional hospital walls. Key Points: 01:38 Remote Patient Monitoring and AI in Healthcare 07:01 Hospital at Home: Expanding Care Models 13:54 Addressing Staffing Shortages in Healthcare 18:22 Blending Technology and Human Touch in Healthcare News Articles:  Remote Patient Monitoring (RPM) Devices Transform Patient Monitoring, Show Promise for Reshaping Cancer Care Hackensack Meridian Expands Hospital-at-Home to Improve Patient Care Statewide New Hospital Struggles with Staffing Shortages X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer  

This week's cybersecurity updates cover three critical stories: Workday discloses a data breach connected to ongoing Salesforce compromises by the Shiny Hunters group, CEO impersonation scams using deepfake technology surge past $200 million in Q1 losses, and transcription service Otter AI faces a class action lawsuit over alleged mishandling of sensitive meeting data. Drex emphasizes the importance of security awareness training, multi-factor authentication, and establishing "trust but verify" cultures that protect employees who take extra verification steps.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

August 18, 2025: George Pappas, CEO of Intraprise Health, by Health Catalyst, joins Drex for the news. They tackle the pressing question of how CISOs can evolve from security scorekeepers into business transformation leaders who drive real organizational impact. As the hosts examine a recent White House initiative promising patient-centric healthcare, they question whether lofty proclamations can overcome the business interests maintaining today's fragmented systems. Can artificial intelligence finally deliver true healthcare interoperability, or will technical complexities and competitive pressures derail another promising solution? With $4 trillion at stake in the current healthcare ecosystem, they explore whether the industry has the willpower to prioritize genuine patient-centered care over preserving the current system.  Key Points: 02:21 Discussion on Jigar Shaw's LinkedIn Article 08:20 Challenges Faced by Rural Hospitals in Cybersecurity 15:48 CMS News Release and Interoperability News Articles:  CISOs that execute, make an impact & transform! Why rural hospitals are losing the cybersecurity battle White House, Tech Leaders Commit to Create Patient-Centric Healthcare Ecosystem

Drex covers three critical cybersecurity trends: companies swapping full-time security staff for platform subscriptions (requiring premium salaries for contract managers), the rise of AI agents in both cyber defense and attacks, and voice phishing campaigns targeting CRM systems like Salesforce that have compromised major brands including Adidas and Victoria's Secret. Healthcare organizations face unique risks from PHI exposure and must balance automation with human oversight while training staff on voice-based social engineering attacks.

August 11, 2025: Josh Howell, Healthcare CTO from Rubrik, joins Drex for the news. They examine the spike of healthcare organization breaches in summer 2025, with threat actors now moving from breach to data exfiltration in minutes rather than weeks. Josh reveals research showing ransomware attacks trigger a 20-40% decline in patient volumes within the first week, but what happens when notification costs exceed settlement amounts? They challenge conventional disaster recovery thinking, questioning whether traditional DR measures address the real problem of rebuilding trust through isolated recovery environments. The discussion also tackles a critical industry issue—how can healthcare organizations break through legal barriers to share vital attack and recovery knowledge when every breach response happens in isolation, potentially leaving the entire sector vulnerable? Join the Rubrik Healthcare Summit on September 10 and learn how to prepare for, respond to, and recover from cyberattacks. Register at events.rubrik.com/healthcare. Key Points: 03:34 Current Cybersecurity Landscape in Healthcare 05:37 Challenges and Trends in Cybersecurity 11:36 Importance of Knowledge Sharing in Cybersecurity 16:01 Financial Impact of Ransomware Attacks News Articles:  The Heat Wasn't Just Outside: Cyber Attacks Spiked in Summer 2025 Deloitte Paper

This episode covers three critical cybersecurity developments affecting healthcare organizations. First, FBI warnings about Scattered Spider ransomware group targeting employees through Slack and Microsoft Teams, including their alarming tactic of creating fake identities to join incident response calls and monitor remediation efforts. Second, leaked chat logs from the Conti ransomware group reveal these criminal organizations operate like structured tech startups with HR policies, management layers, and performance reviews - highlighting the sophisticated nature of modern cyber threats. Finally, CrowdStrike intelligence reveals over 900 North Korean operatives have quietly embedded themselves in US companies using deepfakes and fake identities, wiring paychecks back to the regime. The episode also mentions CISA's new free Thorium tool for malware analysis and forensic investigations.X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer