Hey everyone. I'm Drex and this is the two minute drill. It's great to see everyone today. Here's some stuff you might want to know about. We're spending a lot of time right now talking about the future of cybersecurity. Frontier AI models like mythos and autonomous agents and nation state threats like Iran and Russia and North Korea and next generation defense platforms.

And all of that matters, and I probably talk about all that stuff as much or more than anyone else. But if you step back and look at what's actually happening on the ground, a different story starts to emerge. Take the conversation around AI safety leaders like the CEO of Anthropic are warning about powerful AI systems that are being deployed faster than we can fully secure them.

So they're doing the mythos preview project glass wing with just a couple of handfuls of companies to help figure out how to better leverage and manage those frontier models. At the same time, companies like OpenAI are also working on. Controlled access models to keep advanced capabilities out of the hands of the bad guys.

That's the future we're preparing for, and we have to do that. But here in the present, hospitals are still being hit with ransomware, real world operational impact, delayed care, operational disruption. The actual entry point for many of these incidents, still the cybersecurity basics, MFA. Poor identity management.

Too many systems still exposed directly to the internet. A bunch of other fundamental stuff too. Now, at the same time, we see massive patch cycles, like the recent wave from Microsoft where 165 new vulnerabilities come in. One big giant patch Tuesday release, and every one of those patches represents work that gets pushed downstream.

You're, you have to do it. It's testing. Deployment, downtime, coordination, operational risk. We worry about when we patch because we might accidentally break a system that can impact patients, and that's not just maintenance. That's a whole system that is under pressure. And then zoom back out even further, countries like France are now reconsidering their dependence on major software ecosystems, altogether, exploring alternatives like Linux to replace Microsoft to reduce systemic risk.

That's not really a technical decision, that's a trust decision. So where does that leave healthcare CIOs and CISOs? They're doing two things at once. First, they're adapting to reality. They're prioritizing exploitable and exposed vulnerabilities. They're designing for containment instead of perfection, and they're building resilience capabilities like.

Minimum viable hospital programs. So care continues even when systems fail. But second, and this is the part that matters the most, they're doubling down on fundamentals. That was just with a bunch of health systems, CISOs, and they were talking about this. They're doubling down on the fundamentals because most attacks.

Don't start with super advanced ai. They start with a stolen credential or a system that nobody knew was exposed, or a list of other fundamental changes that we already have a roadmap to fix. The health sector coordinating council laid it out in their healthcare industry. Cybersecurity practices, HICP, and other document.

That are free right now. You can go download them. Do the fundamentals and your chances of being a victim of ransomware or data exfiltration goes way down. It's not flashy stuff. Email protection, endpoint detection and response MFA and access control. Backups that actually work and are tested. Network segmentation, all of this stuff is proven to work.

So while we debate the risks of AI and the future of cyber defense, the most likely way into your environment is still the door that you forgot to lock. The future of AI Cybersecurity is complex. It's fast moving, it's uncertain, but the biggest risks today are still tied to the basics and the organizations that execute those basics the best are the ones most likely to withstand everything else that's coming.

That's it for today's two minute drill. I'd love to hear what you're thinking. Drop something in the comments, DM me. Return Fire is always welcome. And as always, thanks for being here and stay a little paranoid. I'll see you around campus.