EP240 Cyber Resiliency for the Rest of Us: Making it Happen on a Real-World Budget
Guest:
Errol Weiss, Chief Security Officer (CSO) at Health-ISAC
Topics:
How is adding digital resilience crucial for enterprises? How to make leaders shift from “just cybersecurity” to “digital resilience”?
How to be the most resilient you can be given the resources? How to be the most resilient with the least amount of money?
How to make yourself a smaller target?
Smaller target measures fit into what some call “basics.” But “basic” hygiene is actually very hard for many. What are your top 3 hygiene tips for making it happen that actually work?
We are talking about under-resourced orgs, but some are much more under-resourced. What is your advice for those with an extreme shortage of security resources?
Assessing vendor security - what is most important to consider today in 2025? How not to be hacked via your vendor?
Resources:
ISAC history (1998 PDD 63)
CISA Known Exploited Vulnerabilities Catalog
Brian Krebs blog
Health-ISAC Annual Threat Report
Health-ISAC Home
Health Sector Coordinating Council Publications
Health Industry Cybersecurity Practices 2023
HHS Cyber Performance Goals (CPGs)
10 ways to make cyber-physical systems more resilient
EP193 Inherited a Cloud? Now What? How Do I Secure It?
EP65 Is Your Healthcare Security Healthy? Mandiant Incident Response Insights
EP49 Lifesaving Tradeoffs: CISO Considerations in Moving Healthcare to Cloud
EP233 Product Security Engineering at Google: Resilience and Security
EP204 Beyond PCAST: Phil Venables on the Future of Resilience and Leading Indicators