Overview: In this episode of Cyber Focus, host Frank Cilluffo interviews Errol Weiss, Chief Security Officer at the Health Information Sharing and Analysis Center (Health ISAC). They discuss the evolving cybersecurity challenges in the healthcare sector, including ransomware, supply chain vulnerabilities, and the critical need for better security measures to protect medical devices and patient data. Weiss shares insights from his extensive experience in both healthcare and financial services cybersecurity, highlighting lessons learned, the role of information sharing, and the importance of proactive measures to mitigate risks.
Main Topics Covered:

• Health ISAC’s role in supporting global healthcare organizations.
• The increasing ransomware threat and its impact on patient care.
• Challenges in securing medical devices and mitigating supply chain risks.
• Differences between compliance and true cybersecurity in healthcare.
• Lessons from the financial services sector to improve healthcare security.
• Future technologies like AI and quantum computing in healthcare cybersecurity.

Key Quotes:
"Ransomware is going is getting worse and will continue to get worse. As we see, not only are the criminal groups going after the hospitals, but they're also going after the patients themselves." — Errol Weiss
"These [ransomware operators] have figured out that they can cause major regional, sometimes even national impact by these ransomware events." — Errol Weiss
"In October of 2025, there's a whole other batch of medical devices based on Windows 10 that are going to be having more and more issues, just representing weak points that malicious outsiders can take advantage of." — Errol Weiss
"Get involved, learn more, partner with others. But don't wait around for somebody to come save you because it's not happening." — Errol Weiss
"If you think that 100% of the people who are coming in remotely are using MFA, make sure they are. We keep finding exceptions all over the place and that's where we find the weak points." — Errol Weiss
Relevant Links and Resources:
Health Industry Cybersecurity Practices and Training Videos
National Council of ISACs
Guest Bio:

Errol Weiss is the Chief Security Officer at Health-ISAC, where he leads the Threat Operations Center, delivering actionable intelligence to nearly 800 healthcare organizations worldwide. Previously, he helped establish the Financial Services ISAC and worked at the NSA conducting vulnerability analyses on classified systems. With decades of experience, Errol is a recognized leader in cybersecurity and threat intelligence.