Should we be worried

About state-sponsored attacks against hospitals?

Security and the Board Need to Speak the Same Language

How security leaders speak to thier C-Suite and Board can make all the difference

The Rising Threat of Offensive AI

Can we trust what we see, hear and are told?

Who'd want to be a CISO?

Challenging job, but increasingly well paid

Medical Tourism - Growing in Popularity

Safe, fun, and much, MUCH more cost-effecitive

The Changing Face of the Security Leader

The role is changing, but what does the future hold?

Cyber Risk Insurance Won't Save Your Reputation

Be careful what you purchase and for what reason

The cybersecurity of our medical health devices


Left-right: Richard Staynings, Chief Security Strategist, Cylera; Jonathan Bagnall, Ph.D., Cybersecurity Global Market Leader, Philips; Andrew Pearce, Senior Digital Health Strategist, HIMSS Analytics (Moderator)


Healthcare is plainly a target of cyber criminal and offensive nation-state actors. Not a week goes by without at least one hospital or clinic somewhere being targeted by cyber extortionists or thieves. When COVID started to spread outside of China, university health systems, pharmaceutical companies, and biomedical labs were the target of state cyber actors, out to steal research and formulations into treatment programs, new drugs or vaccines.

Since the world partially shut down, hospitals and clinics have been the target of organized crime syndicates, plying their ransomware tools and other forms of extortion against overwhelmed and under-protected healthcare providers. This is as true for providers in Asia Pacific as it is in the Americas or Europe.

Healthcare was forced to pivot very quickly to remote services like telehealth and telemedicine for patient services, while non-clinical staff quickly found themselves working from home or on furlough, as hospitals scrambled to figure out how they were going to pay their bills, without the usual elective surgeries and other revenue-generating activities that forms the basis of a typical independent health provider's business model.

New technologies, in many cases rapidly implemented, without the usual security assessments and testing, exposed a highly distracted industry to risks. Risks that perpetrators quickly took advantage of and used to their advantage.

This is what we are beginning to describe as the 'Attackers Arbitrage'.


Read the Healthcare IT News article for more on this subject.

Watch the linked on-demand video of the subsequent panel discussion between Jonathan Bagnall, Cybersecurity Global Market Leader, with Philips Healthcare; Richard Staynings, Chief Security Strategist with Cylera; and Andrew Pearce, Senior Digital Health Strategist, Analytics, HIMSS