Hey everyone, I'm Drex, and this is the Two Minute Drill, brought to you exclusively by our partner, ORDR, the Connected Asset Visibility and Security Company. ORDR can bring nearly instant visibility for everything on your network with a minimal setup time for your staff. This Chasm stuff is pretty amazing.

Find out more at thisweekhealth. com slash ORDR, that's O R D R, thisweekhealth. com slash ORDR. On the Two Minute Drill, we do at least three stories at least two times a week, all part of one great community, the 229 Cyber and RISC community here at This Week Health. I try to keep it simple and focused and mostly plain English, so it's easy to share with your teams.

Thanks for being with me today. Here's some stuff you might want to know about. I promise I'll eventually stop talking about Change Healthcare and the Change Healthcare breach, but it's like we've now arrived at the season ending reunion episode for a Bravo TV show we can't believe we binge watched, but here we are, so we might as well go ahead and finish it.

Cyber thugs going by the name of Ransom Hub are holding Change hostage for more money. And the countdown clock on their dark web leak site expires on Friday. And when they do, they'll either publish the data or they'll sell the data. Don't go look for the site. I do that so you don't have to. Ransom Hub is telling Change Healthcare that if they pay the additional ransom, they promise they won't leak the 4 terabytes of data they claim to have.

It was this story that made a lot of us in cyber start to worry that we might be arrested or put in jail for being bad CISOs, but I don't think it's going to be like that. If you read the story and you read the associated links, I think you'll come to the same conclusion I did. Mr. Sullivan wasn't arrested for being a bad CISO.

He was arrested for Severely mishandling a breach and committing crimes. So don't do stuff like that and I think you'll mostly be fine. By the way, Mr. Sullivan was sentenced to three years probation and 200 hours of community service and he now works for a company that helps other companies automate how they respond to cyber breaches.

and how they communicate with regulators. Finally, several of our friends testified on Capitol Hill this week in a hearing on healthcare cybersecurity. John Rege from the American Hospital Association, Greg Garcia from the Health Sector Coordinating Council, Scott McClain, CIO of MedStar, and CHIME Chairman, among others.

We're all in that lineup. It's worth listening to the replay or reading the transcript. You don't have to look around for these stories. I post them all at this week, health.com/news. And hey, on Monday the 22nd, I'll release the first official long form cyber podcast from this week Health. It's called unh, the podcast.

And my co-host, Shauna Hofer and I, we'll talk about how bad guys are using ai. and what you can do about it. That's this Monday on Unhack the Podcast. Thanks again to our partner, ORDER, the exclusive sponsor of the Two Minute Drill. You can see them live at RSA in May and check out ORDER AI Chasm available now in the AWS store.

You can find the Two Minute Drill wherever you get your podcasts. Just search for This Week Health Newsroom. There's a collection of great shows in that channel, including the Two Minute Drill. Give those all a listen. And that's it for today's two minute drill. Thanks for listening. Stay a little paranoid and I'll see you around campus.