Breaches and ransomware infections are hitting healthcare hard alongside the critical supply chain that helps keep healthcare operations running. The federal government has been issuing a flurry of guidance, executive orders, draft regulations, diplomacy, and more to try to kickstart our national response to the cyber crisis. We are calling in the cavalry, but will it help?

In this episode of The CyberPHIx, we hear from Steve Dunkle, Chief Information Security Officer for Geisinger Health System.

Steve is one of the country's leading cybersecurity healthcare leaders and we get his perspective on some of these federal updates and proposed changes to see how they fare in terms of providing meaningful support and guidance for healthcare organizations.

We discuss new federal and standards guidance and related trends including:

• NIST’s “Bad Practices” cybersecurity guide for end-of-life devices, default passwords, and single-factor authentication
• Ransomware guidance from the NSA, FBI, and CISA on stopransomware.gov
• Third-party risk and supply chain risk guidance and pending regulations
• Strategies for CISO executive success include a focus on customer service, strategic thinking and planning, networking, and continuous learning

• Incident response and cyber-resilience guidance
• OCR enforcement focus areas and HIPAA Security Rule compliance