📍 Today in health, it we're going to take a stroll through the headlines. I'm going to give you my take. On a couple of stories. My name is bill Russell. I'm a former CIO for a 16 hospital system and create, or this week health set of channels and events dedicated to transform healthcare. One connection at a time. We want to thank our show sponsors who are investing in developing the next generation of health leaders.

Notable service now, enterprise health parlance. Certified health and Panda health. Check them out at this week. Dot com slash today. All right. These stories and all new stories recover. You can find on our website, this, we call it.com/news. Check it out today. Finally share this podcast with a friend or colleague use it as foundation for daily or weekly discussions on the topics. That are relevant to you in the industry.

Great way to mentor the next generation. Have you started? Have you started? Find somebody. Mentor them. They can subscribe wherever you listen to podcasts. Alright, here we go. I'm just going to go over to our website. Pull it up. Here we go. And we have nine new stories directs was busy and having Sarah on staff has helped as well.

She's pulling in some stories as well. And I was looking through these I'm recording. Two new stay shows tomorrow. So I'm going to give you the headlines, give you a little bit of what's going on. So essentially warrants of suspected cyber attack, clinical operations disrupted, and essentially it out of a precaution. They are looking at things and they have told their partners to disconnect temporarily. The healthcare network continues to investigate the incident with assistance from cybersecurity firm mandate. And has notified the appropriate authorities, ensuring measures are in place to minimize impact on patient care.

The event echoes previous major cyber attacks, so forth and so on. My take on this, to be honest with you, my take on this. Is, there's an awful lot of activity. And it could just because Drex. Did an awful lot of work in the last couple of last couple of days. But if I look at the. The nine stories, seven eight of them are cybersecurity related. Okay. Just a lot of activity.

So this is reporting on historical information. The Ascension is an active situation that's currently going on. It's interesting with email. I was going back and forth with someone in an email. Oddly enough today. And they are in discussions with a health system that is going to turn off all external email. And it got me to thinking it's not even a possibility and before you write it off completely. The productivity of your organization would likely go. Up pretty dramatically. Now you'd still have ways for email to get into your system, but you would end up with almost a a system like we used to have back in the old days,

there was a mail room. And all the mail came into the mail room and then it was distributed something to that effect. And you'd have certain gateways for certain things. I don't know what appropriate use of email. Coming in to the organization. There's a lot. And so this is the problem with this.

After you really sit back and think about this. It really becomes hard to just shut it off categorically. You would have to do a pretty comprehensive study. Before you pulled the trigger on something like that. And try to minimize the unintended consequences. Which is the bane of our existence. When you do something you think is good and right, and helpful. And it does not turn out that way.

Unintended consequences. There you go. Sarah Richardson gave us this story. Bankrupt steward health puts his hospitals up for sale discloses 9 billion in debt, 9 billion in debt. Wow. That's a lot, but it's a fairly large health system. So steward health care is selling 31 of its us hospitals. After filing for bankruptcy protection, aiming to manage its 9 billion in liabilities without closing any facilities, despite having high annual revenues and potential value.

In other assets, the company struggled with financial stability due to burdensome. Long-term rent obligations and unpaid bills and wages. Stewards plans include auctions for its hospitals and potential sale of its physician group. To mitigate against immediate financial collapse, reinforced by court. Approved interim financing agreement.

This is a fire sale and an opportunity for somebody, but a buyer beware clearly know what you're buying, know what you're getting. I can't tell you the number of times that we acquired things. And. It's just, there was a. I don't know. It's hard to explain. We acquired things and then found out some major things after the acquisition. So again, buyer beware.

These are, it is a fire sale. There's probably all sorts of wreckage. Throughout the hallways and in the psyche of the employees and whatnot. It has not been a well-run system for quite some time. Again hard to hard to imagine. And if you're on the it side of, Hey, we just acquired three. Of the steward health hospitals, or we've acquired their physician practice. I would plan on throwing out all their technology and pulling them onto your technology as quickly as possible, which as is a fairly challenging project in and of itself. All right, let's go through some more of the cybersecurity new ENY research revealed cyber security fears are on the rise among us workers. With the vast majority concerned about AI. In cybersecurity. That.

I even knew stories.

You could put AI in news stories. I saw a. A video on social media and it's, it's the use of AI in product development. And there's a container. It's like a styrofoam container and they put a burger in there and they put some, this is AI and they put some of the sauce on top of it.

Then they put some else on more sauce on top, something else, more sauce. They put the bun on top. They put sauce on top of the button. They put fries in there. They put sauce on top of the fries. They closed the lid. They put sauce on top of the. Even news stories, right? They're concerned about AI and cybersecurity.

They know it's going to get clicks. They know people are going to read it. And so putting AI in anything right now is quite frankly is suspect. And hard to get to the bottom of it. With that being said, I've been talking about AI incessantly. Because I do believe it is a transformative technology, but just be aware, people are just spreading it on pretty thick at this point. CYSA grants 30 day extension for input on incident reporting rules.

So they a cybersecurity and infrastructure security agency, which Acessa has extended the deadline for comments on his proposed cyber incident, reporting regulation for critical infrastructure entities to July 3rd, following industry. Requests for more time, the extension aims to facilitate further feedback on a significant regulatory proposal, aiming to enhance cybersecurity measures within critical infrastructure sectors. The extension announcement was made in a federal register notice and was highlighted by the house Homeland security. Cyber committee chairman.

If you're interested. You can go out and comment there. DHS CYSA announced membership changes to cyber safety review board. The department of Homeland security, DHS, and CYSA have announced changes. It's a membership, including both departures and new additions, and it has all the people that have, that are going out and coming in.

If you are interested in that, The compromised backup Sen ransomware recovery costs. Soaring. This is SC magazine. The article highlights the increasing focus of ransomware attackers on compromising organizations, backups. Illustrating a worrying trend. That's simply backing up. Data is not enough for protection or for by Sofos reveals that 94% of surveyed organizations experienced attempts by cyber criminals to target their backups. During ransomware attacks. We've known this, we've known this for quite some time.

This is exactly where they go. Because if you have a backup, you can recover and you don't have to pay them the ransom. They absolutely go after the backups. It's one of their primary modes, modus of, uh, modes of operation. Modus operandi. I think it's supposed to same thing. There you go. So they're going after your backups, it's important to consider your strategy. We just did a webinar yesterday, which will be released on our podcast channel in a couple of weeks. And directs talk to a Microsoft and Rubrik. About some of the nuances on a modern backup strategy and recovery strategy.

It was very interesting. And let's see, change healthcare lacks safeguards, even as gave security advice. That's in roll call. That's just piling on at this point, but potentially there's some some relevance in there. Biden administration launches, international cybersecurity strategy. A ton of cybersecurity activity when I read this many cyber security stories, I'm just reminded that vigilance is so important. We can't let our guard down. It's not Hey, we got funding three years ago and that's going to cover us. We always need to be looking at cybersecurity. Understanding what the attack vectors are. Into our specific health system. Formulating plans for protection around those things. Also understanding the reality that the attackers may already be in your system. And to build your security measures. With the assumption that they're already. On your systems and operating on your systems. And as far as leadership, the thing I would say is you have to have the appropriate measures, but more than that, you have to be aware of the risks. And that is the most important thing to be communicating. To the leadership. It's not, we're spending this, we're doing this, that kind of stuff.

That's important. And that's part of the report out. But they need to understand the risks so that they can make the appropriate decisions. Your role is to make sure they understand the risks. If we do not do this. Or if this continues or if we don't. Implement dual factor authentication across all of our systems across the health system. We will have this kind of exposure.

Now they might say that's okay. We accept that risk. Your job was done. You made them aware they make the, they made that decision. And that's fine. But at the end of the day, we need to make sure that we are communicating that effectively communicating it well. So a lot of cybersecurity stories today, never, I hesitate to do this now because we now have. Trex is two minute drill and he will go through a bunch of this stuff in a lot more detail.

I just want to do it at a high level. I'll give you an idea of the amount of activity that's going on in cybersecurity.

So there you have it. That's all for today. Don't forget. Share this podcast with a friend or colleague you said is foundation. For mentoring. We want to thank our channel sponsors who are investing in our mission to develop the next generation of health leaders. Notable service now, enterprise health parlance, certified health and 📍 Panda health.

Check them out at this week. Health. Dot com slash today. Thanks for listening. That's all for now.