Guests:

• Charles Carmakal, CTO at Mandiant
• Taylor Lehmann, Director at Office of the CISO, Google Cloud

Topics:

• What are the current “popular” incidents at healthcare providers that you handled? Any of them involve cloud?
• Do healthcare CISOs have time for anything other than ransomware?
• Does insider threat matter? What can incident response teach us here?
• How do you think the threat actors benefit from the health data they steal?
• Based on your IR experience, what are the more interesting ways in, other than phishing?
• Give us your IR-informed take on ransomware pay/not pay focused on healthcare, ideally?

Resources:

• “The key role ‘visibility’ plays in healthcare’s cybersecurity resilience”
• “How healthcare can strengthen its own cybersecurity resilience”
• “M-Trends 2022: Cyber Security Metrics, Insights and Guidance From the Frontlines”
• “Future of EDR: Is It Reason-able to Suggest XDR?” (ep29)
• “MFA fatigue attacks: Users tricked into allowing device access due to overload of push notifications”“VS21: A Playbook for Resiliency: Contain and Remediate Ransomware Before It Can Act”
• “FDA Announces Fix for Pacemaker Security Flaws”